{"id":13994300,"url":"https://github.com/Myskiv-Ivan/SecTools","last_synced_at":"2025-07-22T19:31:45.818Z","repository":{"id":217790554,"uuid":"267615928","full_name":"Myskiv-Ivan/SecTools","owner":"Myskiv-Ivan","description":"List of tools for SecDevOps, vulnerability analysis, network scanning","archived":false,"fork":false,"pushed_at":"2024-03-05T15:45:06.000Z","size":174,"stargazers_count":31,"open_issues_count":0,"forks_count":4,"subscribers_count":3,"default_branch":"master","last_synced_at":"2024-07-08T03:34:00.343Z","etag":null,"topics":["appsec","devops","devsecops","hacking","osint","pentest-tool","pentesting","scanner-web","secdevops","security","security-tools","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Myskiv-Ivan.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null}},"created_at":"2020-05-28T14:43:47.000Z","updated_at":"2024-05-02T18:33:34.000Z","dependencies_parsed_at":null,"dependency_job_id":"9239c15b-2e83-401b-b357-06c05f35a6c5","html_url":"https://github.com/Myskiv-Ivan/SecTools","commit_stats":null,"previous_names":["ivanvoronov/sectools","myskiv-ivan/sectools"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Myskiv-Ivan%2FSecTools","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Myskiv-Ivan%2FSecTools/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Myskiv-Ivan%2FSecTools/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Myskiv-Ivan%2FSecTools/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Myskiv-Ivan","download_url":"https://codeload.github.com/Myskiv-Ivan/SecTools/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":214675193,"owners_count":15768122,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["appsec","devops","devsecops","hacking","osint","pentest-tool","pentesting","scanner-web","secdevops","security","security-tools","vulnerability-scanners"],"created_at":"2024-08-09T14:02:48.696Z","updated_at":"2024-08-09T14:13:30.554Z","avatar_url":"https://github.com/Myskiv-Ivan.png","language":"Python","readme":"This repository is a collection of hacker tools, resources, and links for vulnerability analysis. Most tools are UNIX-compliant, free, and open source.\n\n# :telescope: OSINT:\nOpen-source intelligence (OSINT) is intelligence collected from publicly available sources. \n* [Sherlock](https://github.com/sherlock-project/sherlock)\n* [theHarverest](https://github.com/laramies/theHarvester)\n* [aquatone](https://github.com/michenriksen/aquatone)\n* [spiderfoot](https://github.com/smicallef/spiderfoot)\n* [DNSstuff](https://www.dnsstuff.com)\n* [Builtwith](https://builtwith.com/)\n* [infosniper](https://www.infosniper.net/)\n* [who.is](https://who.is/)\n* [spyse](https://spyse.com/search/as)\n* [onyphe](https://www.onyphe.io/)\n* [urlscan](https://urlscan.io/)\n* [scans](https://scans.io/)\n* [shodan](https://www.shodan.io/)\n* [censys](https://censys.io/)\n* [zoomeye](https://www.zoomeye.org/)\n* [R3CON1Z3R](https://github.com/abdulgaphy/r3con1z3r)\n\nLocalized search engines by country.\n* [Najdsi (Slovenia)](http://www.najdi.si/)\n* [Walla (Israel)](http://www.walla.co.il/)\n* [Goo (Japan)](http://www.goo.ne.jp/)\n* [Naver (South Korea)](http://www.naver.com/)\n* [Baidu (China)](http://www.baidu.com/)\n* [Yandex (Russia)](http://www.yandex.com/)\n\nSearch for all kind of files.\n* [FileChef](https://www.filechef.com/)\n* [File Search Engine](https://www.filesearch.link/)\n* [SearchFiles.de](https://searchfiles.de/)\n* [FileListing](https://filelisting.com/)\n\n____\n#  :hammer: SecAnalysisTools:\nVulnerability Assessment and Management Systems\n| Software | Category | Update Last 6 mouth |\n|----------------|:----------------:|:----------------:|\n|[Archerysec](https://github.com/archerysec/archerysec)|Vulnerability Assessment and Management| :heavy_check_mark:|\n|[DefectDojo](https://github.com/DefectDojo/django-DefectDojo)|Vulnerability Assessment and Management|:heavy_check_mark:|\n|[faraday](https://github.com/infobyte/faraday)|Vulnerability Assessment and Management| :heavy_check_mark: |\n|[rengine](https://github.com/yogeshojha/rengine)|Vulnerability Assessment and Management, Scanner| :heavy_check_mark: |\n\n\nVulnerability Analysis Software.\n| Software | Category | Update Last 6 mouth |\n|----------------|:----------------:|:----------------:|\n|[hydra](https://github.com/vanhauser-thc/thc-hydra)|Password-cracker| :heavy_check_mark: |\n|[Vuls](https://github.com/future-architect/vuls)|Vulnerability Assessment and Management| :heavy_check_mark: |\n|[Metasploit](https://github.com/rapid7/metasploit-framework)|Exploit Framework| :heavy_check_mark: |\n|[MobSF](https://github.com/MobSF/Mobile-Security-Framework-MobSF)|Exploit Framework (for Mobile)| :heavy_check_mark: |\n|[git-secret](https://github.com/sobolevn/git-secret)|Cryptography| :heavy_check_mark: |\n|[truffleHog](https://github.com/dxa4481/truffleHog)|Secret finding| :x: |\n|[GitLeaks](https://github.com/zricethezav/gitleaks)|Secret finding| :heavy_check_mark: |\n|[RedTeamScripts](https://github.com/Mr-Un1k0d3r/RedTeamCSharpScripts)|C# scripts| :heavy_check_mark: |\n|[knock](https://github.com/guelfoweb/knock)|Subdomain Enumeration| :x: |\n|[SubDomainsBrute](https://github.com/lijiejie/subDomainsBrute)|Subdomain Enumeration| :heavy_check_mark: |\n|[SubDomain3](https://github.com/yanxiu0614/subdomain3)|Subdomain Enumeration| :heavy_check_mark: |\n|[domained](https://github.com/TypeError/domained)|Subdomain Enumeration|:heavy_check_mark: |\n|[routerslpoit](https://github.com/threat9/routersploit)|Exploit Framework| :x: |\n|[BeFF](https://github.com/beefproject/beef)|Exploit Framework| :heavy_check_mark: |\n\n\n## SAST:\n| Software | Analyze Code | Update Last 6 mouth |\n|----------------|:----------------:|:----------------:|\n|[Insider](https://github.com/insidersec/insider)|Java, Kotlin, Swift, .NET, C#, Javascript| :heavy_check_mark: |\n|[Bearer](https://github.com/Bearer/bearer)| JavaScript/TypeScript, Ruby, PHP, Java (Beta), Go (Beta), Python (Alpha) | :heavy_check_mark: |\n|[Infer#](https://github.com/microsoft/infersharp)| C# | :heavy_check_mark: |\n|[SpotBugs](https://github.com/spotbugs/spotbugs)|Java| :heavy_check_mark: |\n|[PVS-Studio](https://www.viva64.com/ru/pvs-studio/)|Multilanguage| :heavy_check_mark: |\n|[PMD](https://github.com/pmd/pmd)|Multilanguage| :heavy_check_mark: |\n|[PHPvulnhunter](https://github.com/OneSourceCat/phpvulhunter)|PHP| :x: |\n|[FindSecBug](https://github.com/find-sec-bugs/find-sec-bugs)|Java web, Andriod, Scala, Kotlin, Groovy| :heavy_check_mark: |\n|[codechecker](https://github.com/Ericsson/codechecker)|C/C++| :heavy_check_mark: |\n|[cppcheck](https://github.com/danmar/cppcheck)|C/C++| :heavy_check_mark: |\n|[cobra](https://github.com/wufeifei/cobra)|PHP,Java| :x: |\n|[brakeman](https://brakemanscanner.org/)|Ruby on Rails| :heavy_check_mark: |\n|[SecCodeScan](https://github.com/security-code-scan/security-code-scan)|C#, VB.NET| :heavy_check_mark: |\n|[Cascade](https://github.com/binarybird/Cascade)|C#| :x: |\n|[Bandit](https://github.com/PyCQA/bandit)|Python| :heavy_check_mark: |\n|[LLVM Clang](https://github.com/llvm/llvm-project)|C, Objective-C, C++ and Objective-C++| :heavy_check_mark: |\n|[Codemodder](https://codemodder.io)|Java, Python, fixes non-trivial security issues and other code quality problems| :heavy_check_mark: |\n\n## DAST, IAST:\n| Software | Description | Update Last 6 mouth |\n|----------------|:----------------:|:----------------:|\n|[Snyk](https://github.com/snyk/snyk)|Scanner Source Code| :heavy_check_mark: |\n|[Contrast](https://www.contrastsecurity.com/demo)|Application Scanner Framework| :heavy_check_mark: |\n|[CloudSploit](https://github.com/cloudsploit/scans)|Analyze Cloud Infrastructure| :heavy_check_mark: |\n|[SonaQube](https://www.sonarsource.com/)|Application Scanner Framework| :heavy_check_mark: |\n|[WhiteSourceSoft](https://www.whitesourcesoftware.com/free-trial/)|Application Scanner Framework| :heavy_check_mark: |\n|[PT Application Inspector](https://www.ptsecurity.com/ww-en/products/ai/)|Application Scanner Framework| :heavy_check_mark: |\n\n\n## SCA, IAC\n* https://github.com/Checkmarx/kics\n* https://github.com/DependencyTrack/dependency-track\n* https://github.com/bridgecrewio/checkov\n* https://github.com/aquasecurity/trivy\n\n## SBOM\n* https://github.com/CycloneDX/cdxgen\n* https://github.com/anchore/syft\n\n## Scanners:\n| Software | Category |Update Last 6 mouth|\n|----------------|:----------------:|:----------------:|\n|[Tsunami](https://github.com/google/tsunami-security-scanner)|Scanner| :heavy_check_mark: |\n|[WATOBO](https://github.com/siberas/watobo)|Web Scanner| :heavy_check_mark: |\n|[Osmedeus](https://github.com/j3ssie/Osmedeus)|Scanner| :heavy_check_mark: |\n|[OneForAll](https://github.com/shmilylty/OneForAll)|Scanner| :heavy_check_mark: |\n|[osprey](https://github.com/TophantTechnology/osprey)|Web Scanner| :x: |\n|[Xray](https://github.com/chaitin/xray)|Web Scanner| :heavy_check_mark:|\n|[AZScanner](https://github.com/az0ne/AZScanner)|Scanner| :x: |\n|[GroundScan](https://github.com/ysrc/GourdScanV2)|Scanner| :x: |\n|[BBScan](https://github.com/RASSec/pentestER-Fully-automatic-scanner)|Scanner| :x: |\n|[AnyScan](https://github.com/zhangzhenfeng/AnyScan)|Scanner| :x: |\n|[WAScan](https://github.com/m4ll0k/WAScan)|Web Scanner| :heavy_check_mark: |\n|[YukiChan](https://github.com/Yukinoshita47/Yuki-Chan-The-Auto-Pentest)|Scanner| :x: |\n|[Poscan](https://github.com/erevus-cn/pocscan)|Scanner| :x: |\n|[w3af](https://github.com/andresriancho/w3af)|Web Scanner| :x: |\n|[sn1per](https://github.com/1N3/Sn1per)|Scanner| :heavy_check_mark: |\n|[Scanless](https://github.com/vesche/scanless)|Scanner| :heavy_check_mark: |\n|[NoSQLMap](https://github.com/codingo/NoSQLMap)|NoSQL Scanner| :heavy_check_mark: |\n|[Nmap](https://nmap.org/)|Scanner| :heavy_check_mark: |\n|[NetSparker](https://www.netsparker.com/web-vulnerability-scanner/)|Scanner| :heavy_check_mark: |\n|[Wapiti](https://wapiti.sourceforge.io/)|Web Scanner| :heavy_check_mark: |\n|[Golismero](http://www.golismero.com/)|Scanner| :heavy_check_mark: |\n|[Nexpose](https://www.rapid7.com/products/nexpose/)|Scanner| :heavy_check_mark: |\n|[Raccoon](https://github.com/evyatarmeged/Raccoon)|Scanner| :x: |\n|[WhatWeb](https://github.com/urbanadventurer/WhatWeb)|Web Scanner| :heavy_check_mark: |\n|[Puma Scan](https://github.com/pumasecurity/puma-scan)|Scanner Analysis| :heavy_check_mark: |\n|[Arachni](https://github.com/Arachni/arachni)|Web Scanner| :x: |\n|[Legion](https://github.com/GoVanguard/legion)|Scanner|:heavy_check_mark: |\n|[Nessus](https://www.tenable.com/products/nessus/nessus-professional)|Scanner|:heavy_check_mark:|\n|[OpenVAS](https://www.openvas.org/)|Scanner|:heavy_check_mark:|\n|[Acuentrix](http://www.acunetix.com/vulnerability-scanner/)|Scanner|:heavy_check_mark:|\n|[Nikto](https://github.com/sullo/nikto)|Web Scanner|:heavy_check_mark:|\n|[Sqlmap](https://github.com/sqlmapproject/sqlmap)|SQL Scanner| :heavy_check_mark:|\n|[Striker](https://github.com/s0md3v/Striker)|Scanner|:x:|\n|[Zaproxy](https://github.com/zaproxy/zaproxy)|Web Scanner|:heavy_check_mark:|\n|[AutoRecon](https://github.com/Tib3rius/AutoRecon)|Scanner|:heavy_check_mark:|\n|[ScanOval](https://bdu.fstec.ru/site/scanoval)|Application Vulnerabilities in XML files|:heavy_check_mark:| \n\n____\n#  :open_file_folder: Vulnerability Database:\n|Data|Description|\n|----------------|----------------|\n|[CVE](http://cve.mitre.org/)|Common Vulnerabilities and Exposures system provides a reference-method for publicly known information-security vulnerabilities and exposures| \n|[Exploitdb](https://www.exploit-db.com/)|The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more|\n|[0day](http://0day.today/)|0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals| \n|[NVD NIST](https://nvd.nist.gov)|NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP)| \n|[Vuldb](https://vuldb.com/)|Vulnerability database documenting and explaining security vulnerabilities and exploits| \n|[Synk](https://snyk.io/vuln)|Vulnerability database detailed information and remediation guidance for known vulnerabilities|\n","funding_links":[],"categories":["Python"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMyskiv-Ivan%2FSecTools","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FMyskiv-Ivan%2FSecTools","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FMyskiv-Ivan%2FSecTools/lists"}