Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/Soluto/owasp-zap-glue-ci-images
Ready to use images of Zap and Glue, especially for CI integration.
ci docker-image owasp security-testing
Last synced: 05 Jul 2024
![](https://github.com/Soluto.png)
https://github.com/seungsoo-lee/DELTA
PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK
pentesting sdn security-testing software-defined-networking
Last synced: 28 Jun 2024
![](https://github.com/seungsoo-lee.png)
https://github.com/aktsk/ipa-medit
Memory modification tool for re-signed ipa supports iOS apps running on iPhone and Apple Silicon Mac without jailbreaking.
applesilicon arsenal blackhat ios ios-security m1 mobile-app-security mobile-security-testing security-testing security-tools
Last synced: 26 Jun 2024
![](https://github.com/aktsk.png)
https://github.com/aktsk/apk-medit
memory search and patch tool on debuggable apk without root & ndk
android android-security arsenal blackhat mobile-app-security mobile-security-testing security-testing security-tools
Last synced: 26 Jun 2024
![](https://github.com/aktsk.png)
https://github.com/marcoagner/boast
The BOAST Outpost for AppSec Testing (v0.1.2)
appsec appsec-testing oast security security-testing security-tools
Last synced: 25 Jun 2024
![](https://github.com/marcoagner.png)
https://github.com/enkomio/Taipan
Web application vulnerability scanner
application-security hacking hacking-tool security security-audit security-automation security-scanner security-testing security-tools taipan web web-application web-sec-scanner web-security web-security-research
Last synced: 25 Jun 2024
![](https://github.com/enkomio.png)
https://github.com/penetrate2hack/ITWSV
ITWSV- Integrated Tool for Web Security Vulnerability
auto-pentest kali kali-linux kali-linux-hacking kali-scripts kalilinux penetration-testing pentest pentest-tool pentesting security security-audit security-scanner security-testing security-vulnerability vulnerability vulnerability-detection vulnerability-scanners
Last synced: 17 Jun 2024
![](https://github.com/penetrate2hack.png)
https://github.com/rust-fuzz/honggfuzz-rs
Fuzz your Rust code with Google-developed Honggfuzz !
crates fuzz fuzz-testing fuzzer fuzzing honggfuzz rust rust-fuzz sanitizer security security-testing security-tools
Last synced: 14 Jun 2024
![](https://github.com/rust-fuzz.png)
https://github.com/Viralmaniar/Passhunt
Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
cybersecurity default-credentials default-password password penetration-testing pentest-tool security security-testing
Last synced: 14 Jun 2024
![](https://github.com/Viralmaniar.png)
https://github.com/vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
adversary-emulation azuread cloud-administration cloud-security entra-id identity-access-management microsoft microsoft-azure-security microsoft-graph microsoft365 mitre powershell red-team security security-testing ttp
Last synced: 12 Jun 2024
![](https://github.com/vectra-ai-research.png)
https://github.com/jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
api-security application-security appsec appsec-tutorials aws-security azure-security cybersecurity cybersecurity-education devsecops-university gcp-security infosec pentesting security-testing study-guide study-plan study-planner
Last synced: 07 Jun 2024
![](https://github.com/jassics.png)
https://github.com/purpleteam-labs/purpleteam
CLI component of OWASP PurpleTeam
application-security build-tool ci cli cloud-security devsecops devsecops-pipeline hacktoberfest purpleteam security-regression-testing security-testing web-security
Last synced: 06 Jun 2024
![](https://github.com/purpleteam-labs.png)
https://github.com/thomasleplus/jwt-utils
A few utilities to work with JWTs.
crypto cryptography information-security infosec jwt jwt-bearer-tokens jwt-token jwt-tokens openid openid-connect openidc openidconnect security security-testing security-tools shell shell-script shell-scripts shellscript
Last synced: 06 Jun 2024
![](https://github.com/thomasleplus.png)
https://github.com/itboxltda/pentestlab
Script to manage and create local pentesting training virtual lab
cybersecurity cybersecurity-training-lab laboratory-automation owasp pentesting-resources security-testing
Last synced: 06 Jun 2024
![](https://github.com/itboxltda.png)
https://github.com/Marshall-Hallenbeck/red_team_attack_lab
Red Team Attack Lab for TTP testing & research
ansible hacking infosec lab penetration-testing pentesting red-team redteam security security-testing security-tools vagrant
Last synced: 05 Jun 2024
![](https://github.com/Marshall-Hallenbeck.png)
https://github.com/security-cheatsheet/metasploit-cheat-sheet
Metasploit Cheat Sheet 💣
exploit exploitation-framework metasploit metasploit-cheat-sheet metasploit-database metasploit-framework metasploit-framework-database meterpreter msfvenom payload rapid7 security security-cheat-sheets security-research security-testing
Last synced: 05 Jun 2024
![](https://github.com/security-cheatsheet.png)
https://github.com/opensec-cn/kunpeng
kunpeng是一个Golang编写的开源POC框架/库,以动态链接库的形式提供各种语言调用,通过此项目可快速开发漏洞检测类的系统。
poc-library proof-of-concept security-testing security-vulnerability
Last synced: 05 Jun 2024
![](https://github.com/opensec-cn.png)
https://github.com/shodansploit/shodansploit
🔎 shodansploit > v1.3.0
intelligence python-script python-shodan security security-automation security-research security-scanner security-testing security-tools shodan shodan-api shodan-cli shodan-client shodan-python shodan-scripts shodan-tool shodan-tools shodansploit
Last synced: 02 Jun 2024
![](https://github.com/shodansploit.png)
https://github.com/pyhackertarget/hackertarget
🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯
dns extract-links extract-pages hackertarget http-header-check ip-location-lookup ping ping-test reverse-dns reverse-dns-lookups reverse-ip-lookup security security-testing security-tool security-tools subnet-lookup traceroute whois-lookup zone-transfers
Last synced: 02 Jun 2024
![](https://github.com/pyhackertarget.png)
https://github.com/OWASP/ASST
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
asst cybersecurity owasp owasp-top-10 security-assesment-security-tools security-assessments security-audit security-hardening security-testing vulnerability-assessment vulnerability-detection vulnerability-scanner vulnerability-scanners web-vulnerability-scanner web-vulnerability-scanners
Last synced: 02 Jun 2024
![](https://github.com/OWASP.png)
https://github.com/flipkart-incubator/watchdog
Watchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
application-security bugbounty cve-databases cve-search network-security penetration-testing-framework pentest-tool product-security security security-testing security-tools security-vulnerability vulnerability-assessment vulnerability-management
Last synced: 30 May 2024
![](https://github.com/flipkart-incubator.png)
https://github.com/0xisk/awesome-solidity-security
The purpose of this repo is to list all the related Research Papers focused on Smart-contracts security topics. As well as listing all the encountered smart-contracts defects with a summary description. 🛡️
awesome awesome-list ethereum-contract research-paper security security-testing security-topics security-vulnerability smart-contract-security smart-contracts smart-contracts-audit
Last synced: 22 May 2024
![](https://github.com/0xisk.png)
https://github.com/gdgd009xcd/automacrobuilder
A BurpSuite Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applications that need to access pages in a specific order, such as shopping carts or registration of member information.
authentication burpsuite burpsuite-extender burpsuite-tools crawler extender extensions multi-step security security-testing security-tools vulnerability-scanners webcrawler websecurity
Last synced: 19 May 2024
![](https://github.com/gdgd009xcd.png)
https://github.com/openraven/magpie
A Cloud Security Posture Manager or CSPM with a focus on security analysis for the modern cloud stack and a focus on the emerging threat landscape such as cloud ransomware and supply chain attacks.
aws cloud cloudsecurity cspm gcp security security-audit security-scanner security-testing security-tools security-vulnerability
Last synced: 12 May 2024
![](https://github.com/openraven.png)
https://github.com/gdgd009xcd/AutoMacroBuilderForZAP
A ZAPROXY Add-on that allows testing of web application vulnerabilities by recording complex multi-step sequences. You can test applications that need to access pages in a specific order, such as shopping carts or registration of member information.
activescan addon authentication csrf multistep multistep-form security security-testing security-tools vulnerability-scanners web-security webcrawler websecurity zap-extension zaproxy
Last synced: 12 May 2024
![](https://github.com/gdgd009xcd.png)
https://github.com/Contrast-Security-OSS/safelog4j
Safelog4j is an instrumentation-based security tool to help teams discover, verify, and solve log4shell vulnerabilities without scanning or upgrading
iast java log4j log4shell rasp security security-testing vulnerability vulnerability-scanner
Last synced: 12 May 2024
![](https://github.com/Contrast-Security-OSS.png)
https://github.com/xen0l/dlint-check
Github Action to run dlint security linter on your Python code
flake8 github-actions linter python python3 security security-testing static-analysis
Last synced: 11 May 2024
![](https://github.com/xen0l.png)
https://github.com/rhymeswithmogul/SecurityTxtToolkit
A PowerShell module for generating and parsing "security.txt" files.
pgp-signature powershell powershell-adminscripts powershell-cmdlets powershell-core powershell-gallery powershell-module powershell-modules pwsh rfc-9116 security security-audit security-automation security-scan security-scanner security-team security-testing security-tools security-txt securitytxt
Last synced: 11 May 2024
![](https://github.com/rhymeswithmogul.png)
https://github.com/mitre/caldera
Automated Adversary Emulation Platform
adversary-emulation caldera cybersecurity hacking mitre mitre-attack mitre-corporation red-team security-automation security-testing
Last synced: 09 May 2024
![](https://github.com/mitre.png)
https://github.com/guardrailsio/awesome-python-security
Awesome Python Security resources 🕶🐍🔐
awesome awesome-list python security security-testing security-tools static-analysis
Last synced: 07 May 2024
![](https://github.com/guardrailsio.png)
https://github.com/guardrailsio/awesome-java-security
Awesome Java Security Resources 🕶☕🔐
awesome awesome-list java security security-testing security-tools static-analysis
Last synced: 07 May 2024
![](https://github.com/guardrailsio.png)
https://github.com/sterrasec/dummy
Generator of static files for testing file upload. It can generate the png file of any number of bytes!
image-generation png-image-generate qa security-audit security-testing
Last synced: 02 May 2024
![](https://github.com/sterrasec.png)
https://github.com/lucideus-repo/UnSAFE_Bank
Vulnerable Banking Suite
application-security cybersecurity ethical-hacking hacking learn learning-by-doing mobile-security security-testing security-vulnerability vulnerability-assessment vulnerable-android-apps vulnerable-applications vulnerable-ios-apps vulnerable-web-app vulnerable-webserver whitehat
Last synced: 01 May 2024
![](https://github.com/lucideus-repo.png)
https://github.com/e-m-b-a/embark
EMBArk - The firmware security scanning environment
data-analysis django embedded-linux embedded-systems firmware firmware-analysis firmware-tools hacking iot linux penetration-testing pentesting scanner security security-automation security-scanner security-testing security-tools ubuntu-server vulnerability-scanners
Last synced: 27 Apr 2024
![](https://github.com/e-m-b-a.png)
https://github.com/guardrailsio/awesome-dotnet-security
Awesome .NET Security Resources
awesome awesome-list dotnet dotnet-core dotnet-framework security security-testing security-tools static-analysis
Last synced: 22 Apr 2024
![](https://github.com/guardrailsio.png)
https://github.com/jay-johnson/owasp-jenkins
Want to test your applications using the latest OWASP security toolchains and the NIST National Vulnerability Database using Jenkins, Ansible and docker? :whale: :shield: :lock:
ansible c-sharp dependency-checker django docker jenkins national-vulnerability-database node nvd owasp python react ruby-on-rails security security-automation security-testing security-vulnerability tensorflow vue zap
Last synced: 20 Apr 2024
![](https://github.com/jay-johnson.png)
https://github.com/kpcyrd/boxxy-rs
Linkable sandbox explorer
regression-testing rust sandboxing security-testing
Last synced: 18 Apr 2024
![](https://github.com/kpcyrd.png)
https://github.com/akto-api-security/akto
Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure
api-discovery api-security api-security-testing api-testing authentication authorization devsecops devsecops-pipeline docker docker-compose hacktoberfest hacktoberfest2023 idor owasp-top-10 react security security-testing sensitive-data-exposure threat-detection
Last synced: 18 Apr 2024
![](https://github.com/akto-api-security.png)
https://github.com/CaringCaribou/caringcaribou
A friendly car security exploration tool for the CAN bus
can-bus ecu fuzzing python security-scanner security-testing xcp
Last synced: 17 Apr 2024
![](https://github.com/CaringCaribou.png)
https://github.com/fportantier/habu
Hacking Toolkit
hacking linux network-analysis networking penetration-testing pentest pentest-tool pentesting pentesting-networks python3 scapy security-audit security-testing security-tools windows
Last synced: 14 Apr 2024
![](https://github.com/fportantier.png)
https://github.com/tprynn/web-methodology
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
application-security appsec documentation security security-testing web web-application web-application-security
Last synced: 12 Apr 2024
![](https://github.com/tprynn.png)
https://github.com/jjf012/gopoc
用cel-go重现了长亭xray的poc检测功能的轮子
poc proof-of-concept security-testing vulnerability-scanner
Last synced: 12 Apr 2024
![](https://github.com/jjf012.png)
https://github.com/payloadbox/command-injection-payload-list
🎯 Command Injection Payload List
application application-security bugbounty command command-injection injection linux macos os os-injection payload payload-list security security-research security-testing security-vulnerability unix vulnerability vulnerability-research windows
Last synced: 10 Apr 2024
![](https://github.com/payloadbox.png)
https://github.com/B3nac/InjuredAndroid
A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.
android android-security android-studio apk bug-bounty ctf flutter flutter-security flutter-xss kotlin kotlin-android pentesting security-testing vulnerabilities webview
Last synced: 07 Apr 2024
![](https://github.com/B3nac.png)
https://github.com/iamprbkr/awesomebugbounty4noob
Awesome Resources for beginners on how to find websites/Domains/Targets for Bugbounty/Pentesting/Responsible Disclosure
bug-bounty bugbounty ethical-hacking pentesters security security-testing security-vulnerability
Last synced: 06 Apr 2024
![](https://github.com/iamprbkr.png)
https://github.com/secureCodeBox/secureCodeBox
secureCodeBox (SCB) - continuous secure delivery out of the box
devsecops hacktoberfest kubernetes kubernetes-operator owasp owasp-zap securecodebox security security-automation security-testing security-tools
Last synced: 05 Apr 2024
![](https://github.com/secureCodeBox.png)
https://github.com/security-checklist/php-security-check-list
PHP Security Check List [ EN ] 🌋 ☣️
bugbounty checklist php php-framework php-library php-security php-security-checker security security-audit security-checklist security-research security-researcher security-testing web-application web-application-framework web-application-security webapplication
Last synced: 05 Apr 2024
![](https://github.com/security-checklist.png)
https://github.com/PaytmLabs/nerve
NERVE Continuous Vulnerability Scanner
security security-testing security-tools vulnerability-assessment vulnerability-detection vulnerability-scanners
Last synced: 05 Apr 2024
![](https://github.com/PaytmLabs.png)
https://github.com/bl4de/security-tools
My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.
bug-bounties bug-bounty bugbounty ctf ctf-tools hacking infosec itsecurity pentesting python scanner security-testing security-tools static-analysis webappsec
Last synced: 05 Apr 2024
![](https://github.com/bl4de.png)
https://github.com/wallarm/gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
api-security bugbounty graphql-security grpc-security owasp rest-security security security-testing security-tools waf web-application-firewall web-application-security
Last synced: 01 Apr 2024
![](https://github.com/wallarm.png)
https://github.com/deep5050/cppcheck-action
A github action to perform C/C++ security checks automatically
analysis c code-quality code-review cpp cppcheck-action cppcheck-documentations dangerous-coding-constructs performance-analysis security-testing static-analysis vulnerability-detection
Last synced: 28 Mar 2024
![](https://github.com/deep5050.png)
https://github.com/Anof-cyber/Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
android application-security appsec bugbounty cybersecurity hacking infosec penetration-testing penetration-testing-notes pentesting security security-testing
Last synced: 27 Mar 2024
![](https://github.com/Anof-cyber.png)
https://github.com/falcosecurity/event-generator
Generate a variety of suspect actions that are detected by Falco rulesets
go kubernetes-auditing security security-testing syscall
Last synced: 22 Mar 2024
![](https://github.com/falcosecurity.png)
https://github.com/mercedes-benz/sechub
SecHub provides a central API to test software with different security tools.
api appsec build client continuous-integration dast k8s orchestration rest sast sdlc secdevops sechub security security-automation security-scanner security-testing security-tools server vulnerability-scanners
Last synced: 21 Mar 2024
![](https://github.com/mercedes-benz.png)
https://github.com/trailofbits/siderophile
Find the ideal fuzz targets in a Rust codebase
fuzzing program-analysis rust security-testing
Last synced: 16 Mar 2024
![](https://github.com/trailofbits.png)