SecTools

List of tools for SecDevOps, vulnerability analysis, network scanning

This repository is a collection of hacker tools, resources, and links for vulnerability analysis. Most tools are UNIX-compliant, free, and open source.

:telescope: OSINT:

Open-source intelligence (OSINT) is intelligence collected from publicly available sources.

Localized search engines by country.

Search for all kinds of files.


:hammer: SecAnalysisTools:

Vulnerability Assessment and Management Systems

| Software | Category | Updated in last 6 months |
|---|---|---|
| Archerysec | Vulnerability Assessment and Management | :heavy_check_mark: |
| DefectDojo | Vulnerability Assessment and Management | :heavy_check_mark: |
| faraday | Vulnerability Assessment and Management | :heavy_check_mark: |
| rengine | Vulnerability Assessment and Management, Scanner | :heavy_check_mark: |

Vulnerability Analysis Software.

| Software | Category | Updated in last 6 months |
|---|---|---|
| hydra | Password-cracker | :heavy_check_mark: |
| Vuls | Vulnerability Assessment and Management | :heavy_check_mark: |
| Metasploit | Exploit Framework | :heavy_check_mark: |
| MobSF | Exploit Framework (for Mobile) | :heavy_check_mark: |
| git-secret | Cryptography | :heavy_check_mark: |
| truffleHog | Secret finding | :x: |
| GitLeaks | Secret finding | :heavy_check_mark: |
| RedTeamScripts | C# scripts | :heavy_check_mark: |
| knock | Subdomain Enumeration | :x: |
| SubDomainsBrute | Subdomain Enumeration | :heavy_check_mark: |
| SubDomain3 | Subdomain Enumeration | :heavy_check_mark: |
| domained | Subdomain Enumeration | :heavy_check_mark: |
| routersploit | Exploit Framework | :x: |
| BeEF | Exploit Framework | :heavy_check_mark: |

SAST:

| Software | Analyzed code | Updated in last 6 months |
|---|---|---|
| Insider | Java, Kotlin, Swift, .NET, C#, JavaScript | :heavy_check_mark: |
| Bearer | JavaScript/TypeScript, Ruby, PHP, Java (Beta), Go (Beta), Python (Alpha) | :heavy_check_mark: |
| Infer# | C# | :heavy_check_mark: |
| SpotBugs | Java | :heavy_check_mark: |
| PVS-Studio | Multilanguage | :heavy_check_mark: |
| PMD | Multilanguage | :heavy_check_mark: |
| PHPvulnhunter | PHP | :x: |
| FindSecBug | Java web, Android, Scala, Kotlin, Groovy | :heavy_check_mark: |
| codechecker | C/C++ | :heavy_check_mark: |
| cppcheck | C/C++ | :heavy_check_mark: |
| cobra | PHP, Java | :x: |
| brakeman | Ruby on Rails | :heavy_check_mark: |
| SecCodeScan | C#, VB.NET | :heavy_check_mark: |
| Cascade | C# | :x: |
| Bandit | Python | :heavy_check_mark: |
| LLVM Clang | C, Objective-C, C++ and Objective-C++ | :heavy_check_mark: |
| Codemodder | Java, Python; fixes non-trivial security issues and other code quality problems | :heavy_check_mark: |

DAST, IAST:

| Software | Description | Updated in last 6 months |
|---|---|---|
| Snyk | Scanner Source Code | :heavy_check_mark: |
| Contrast | Application Scanner Framework | :heavy_check_mark: |
| CloudSploit | Analyze Cloud Infrastructure | :heavy_check_mark: |
| SonarQube | Application Scanner Framework | :heavy_check_mark: |
| WhiteSourceSoft | Application Scanner Framework | :heavy_check_mark: |
| PT Application Inspector | Application Scanner Framework | :heavy_check_mark: |

SCA, IaC:

  • https://github.com/Checkmarx/kics
  • https://github.com/DependencyTrack/dependency-track
  • https://github.com/bridgecrewio/checkov
  • https://github.com/aquasecurity/trivy

SBOM:

  • https://github.com/CycloneDX/cdxgen
  • https://github.com/anchore/syft

Scanners:

| Software | Category | Updated in last 6 months |
|---|---|---|
| Tsunami | Scanner | :heavy_check_mark: |
| WATOBO | Web Scanner | :heavy_check_mark: |
| Osmedeus | Scanner | :heavy_check_mark: |
| OneForAll | Scanner | :heavy_check_mark: |
| osprey | Web Scanner | :x: |
| Xray | Web Scanner | :heavy_check_mark: |
| AZScanner | Scanner | :x: |
| GroundScan | Scanner | :x: |
| BBScan | Scanner | :x: |
| AnyScan | Scanner | :x: |
| WAScan | Web Scanner | :heavy_check_mark: |
| YukiChan | Scanner | :x: |
| Poscan | Scanner | :x: |
| w3af | Web Scanner | :x: |
| sn1per | Scanner | :heavy_check_mark: |
| Scanless | Scanner | :heavy_check_mark: |
| NoSQLMap | NoSQL Scanner | :heavy_check_mark: |
| Nmap | Scanner | :heavy_check_mark: |
| NetSparker | Scanner | :heavy_check_mark: |
| Wapiti | Web Scanner | :heavy_check_mark: |
| Golismero | Scanner | :heavy_check_mark: |
| Nexpose | Scanner | :heavy_check_mark: |
| Raccoon | Scanner | :x: |
| WhatWeb | Web Scanner | :heavy_check_mark: |
| Puma Scan | Scanner Analysis | :heavy_check_mark: |
| Arachni | Web Scanner | :x: |
| Legion | Scanner | :heavy_check_mark: |
| Nessus | Scanner | :heavy_check_mark: |
| OpenVAS | Scanner | :heavy_check_mark: |
| Acunetix | Scanner | :heavy_check_mark: |
| Nikto | Web Scanner | :heavy_check_mark: |
| Sqlmap | SQL Scanner | :heavy_check_mark: |
| Striker | Scanner | :x: |
| Zaproxy | Web Scanner | :heavy_check_mark: |
| AutoRecon | Scanner | :heavy_check_mark: |
| ScanOval | Application Vulnerabilities in XML files | :heavy_check_mark: |

:open_file_folder: Vulnerability Database:

| Data | Description |
|---|---|
| CVE | The Common Vulnerabilities and Exposures system provides a reference method for publicly known information-security vulnerabilities and exposures |
| Exploitdb | The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more |
| 0day | 0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals |
| NVD | NIST NVD is the U.S. government repository of standards-based vulnerability management data represented using the Security Content Automation Protocol (SCAP) |
| Vuldb | Vulnerability database documenting and explaining security vulnerabilities and exploits |
| Snyk | Vulnerability database with detailed information and remediation guidance for known vulnerabilities |