security-tools

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

Attack Surface Management Platform | Sn1perSecurity LLC

Linux privilege escalation auditing tool

My simple Swiss Army knife for http/https troubleshooting and profiling.

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

EMBA - The firmware security analyzer

grep rough audit - source code auditing tool

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Firewall bypass script based on DNS history records. This script will search for DNS A history records and check if the server replies for that domain. Handy for bugbounty hunters.

Hardening Ubuntu. Systemd edition.

🔒 Anti DDOS | Bash Script Project 🔒

一键提取安卓应用中可能存在的敏感信息。

A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

Bash script to audit and fix macOS Catalina (10.15.x) security settings

A collection of security related Python and Bash shell scripts. Analyze hosts on generic security vulnerabilities. Wrapper around popular tools like nmap (portscanner), nikto (webscanner) and testssl.sh (SSL/TLS scanner)

Intelligence and Reconnaissance Package/Bundle installer.

Tools of "The Bug Hunters Methodology V2 by @jhaddix"

A (nearly) production ready Dockered MISP

Secure your Termux app with Termux Login Script

A declarative static analysis tool for jvm bytecode based Datalog like CodeQL

Full Nuclei automation script with logic explanation.

Exploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)

Web Application recon automation

Cat-Nip Automated Basic Pentest Tool - Designed For Kali Linux

A set of curated exercises to help you prepare for the CKS exam

Qualys sslabs-scan utility in a tiny docker image