Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

awesome-secdev


https://github.com/hustlibraco/awesome-secdev

Last synced: 1 day ago
JSON representation

  • Asset Scanning

    • nmap - Nmap ("Network Mapper") is an open source tool for network exploration and security auditing
    • masscan - Mass IP port scanner, very fast and dangerous
    • dismap - Dismap 定位是一个资产发现和识别工具;其特色功能在于快速识别 Web 指纹信息,定位资产类型
    • gosint - Gosint is a distributed asset information collection and vulnerability scanning platform
    • H - H是一款强大的资产收集管理平台,主要用于src信息收集和红蓝对抗资产收集用,采用python celery分布式实现多节点部署
    • ARL - ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库
  • Vulnerability Scanning

    • vulmap - Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞利用功能, 目前支持的 webapps 包括 activemq, flink, shiro, solr, struts2, tomcat, unomi, drupal, elasticsearch, fastjson, jenkins, nexus, weblogic, jboss, spring, thinkphp
    • xray - 一款完善的安全评估工具,支持常见 web 安全问题扫描和自定义 poc
    • Goby - Goby is a new generation network security assessment tool. It can efficiently and practically scan vulnerabilities while sorting out the most complete attack surface information for a target enterprise.
  • HIDS

    • Elkeid - Elkeid is a support cloud-native and base linux host security(Intrusion detection and risk identification) solution.
  • EDR

    • openedr - Open EDR public repository
  • SAST

    • SonarQube - SonarQube provides the capability to not only show health of an application but also to highlight issues newly introduced. With a Quality Gate in place, you can Clean As You Code and therefore improve code quality systematically.
  • IAST

    • DongTai - DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerabilities, unauthorized access vulnerabilities, etc.), third-party component vulnerabilities, etc.
  • AI Security

    • AI-for-Security-Learning - 安全场景、基于AI的安全算法和安全数据分析学习笔记(偏工程类学习笔记)
  • SOAR

    • w5 - W5 是一个面向企业安全与运维设计的 低代码 自动化平台,可以让团队降低 人工成本,提升 工作效率。可以把代码 图形化、可视化、可编排。让不同的系统,不同的组件通过 APP 进行封装形成平台能力,通过剧本画出你想要的逻辑过程,利用多种 Trigger 去实现自动化执行。