XML-Security Plug-In
. The Eclipse XML-Security Plug-In
allows you to experiment with the W3C
recommendations on digital signatures
and encryption and to learn all about
their back...
Enter
aws-security-viz
. Need a quick way to visualize your
current aws/amazon ec2 security group
configuration? aws-security-viz does
just that based on the EC2 security
group ingre...
Enter
Security VMS
. Features:Intuitive, Responsive and
Resource-effective . This is an
application that can also be fetched
from
https://sourceforge.net/projects/security-vms/....
Enter
WS-Security Wrapper
. WS-Security Wrapper is an adapter
between XML applications and SOAP Web
services implementing WS-Security. It
handles all aspects of SOAP/WS-Security
encodin...
Enter
XML-Security Plug-In
. The Eclipse XML-Security Plug-In
allows you to experiment with the W3C
recommendations on digital signatures
and encryption and to learn all about
their back...
Enter
visualNets Graphical Network Security
. visualNets is a log analysis utility
that graphically plots network packets
over time. Plot source or destination IP
or port addresses in a graphical format ...
Enter
SCAP Security Guide
. The purpose of this project is to
create security policy content for
various platforms, Red Hat Enterprise
Linux, Fedora, Ubuntu, Debian, SUSE
Linux Enterpri...
Enter
JWT Spring Security Demo
. This is a demo for using JWT (JSON
Web Token) with Spring Security and
Spring Boot. I completely rewrote my
first version. Now this solution is
based on the ...
Enter
SecSy: Security-oriented Log Synthesis
. SecSy is a tool for security-oriented
log synthesis. Besides basic synthesis
properties (cases per day, office hours,
randomized activity duration, .), its d...
Enter
phpcs-security-audit v3
. phpcs-security-audit is a set of
PHP_CodeSniffer rules that finds
vulnerabilities and weaknesses related
to security in PHP code. It currently
has core PHP r...
Enter
OWASP Find Security Bugs
. The SpotBugs plugin for security
audits of Java web applications. Find
Security Bugs is the SpotBugs plugin for
security audits of Java web
applications. It ...
Enter
visualNets Graphical Network Security
. visualNets is a log analysis utility
that graphically plots network packets
over time. Plot source or destination IP
or port addresses in a graphical format ...
Enter
WS-Security Wrapper
. WS-Security Wrapper is an adapter
between XML applications and SOAP Web
services implementing WS-Security. It
handles all aspects of SOAP/WS-Security
encodin...
Enter
Folder Security Viewer
. This software supports network
administrators to access the correct
security role for a specific folder
without having to load windows explorer
which will lo...
Enter
project Cubic Security
. Audience: Security. User interface:
Win32 (MS Windows). Programming
Language: C#. Database Environment:
SQL-based. Categories:Desktop Publishing...
Enter
JWT Spring Security Demo
. This is a demo for using JWT (JSON
Web Token) with Spring Security and
Spring Boot. I completely rewrote my
first version. Now this solution is
based on the ...
Enter
Huorong Security
. Operation mode: EDR operation system,
network-wide threat awareness With the
Huorong terminal as the cornerstone,
while protecting users, it detects
various ...
Enter
Spring Security
. Spring Security is a powerful and
highly customizable authentication and
access-control framework. It is the
de-facto standard for securing
Spring-based appl...
Enter
phpcs-security-audit v3
. phpcs-security-audit is a set of
PHP_CodeSniffer rules that finds
vulnerabilities and weaknesses related
to security in PHP code. It currently
has core PHP r...
Enter
OWASP Find Security Bugs
. The SpotBugs plugin for security
audits of Java web applications. Find
Security Bugs is the SpotBugs plugin for
security audits of Java web
applications. It ...
Enter
Omega IRC Security Services
. Omega IRC Security Services - is a
*nix based, modularized security
services coded in C. Which supports
multiple IRCd protocols.
Features:Dynamic configurati...
Enter
Security Code Scan
. Detects various security
vulnerability patterns. SQL Injection,
Cross-Site Scripting (XSS), Cross-Site
Request Forgery (CSRF), XML eXternal
Entity Injection ...
Enter
Security Code Scan
. Detects various security
vulnerability patterns. SQL Injection,
Cross-Site Scripting (XSS), Cross-Site
Request Forgery (CSRF), XML eXternal
Entity Injection ...
Enter
Enterprise Laptop Security System
. It was made for Universities/Colleges
to manage their students' laptops in
order to prevent theft cases. If your
university or college is prone to such c...
Enter
Code Quality and Security for C#
. Sonar offers a single cohesive
solution with a consistent set of
metrics and hundreds of static analysis
rules to detect your coding issues
early. Plus fast ...
Enter
Code Quality and Security for Java
. Hundreds of unique rules to find Java
bugs, code smells & vulnerabilities.
Sonar static analysis helps you build
and maintain high-quality Java code. Cov...
Enter
DefectDojo
. DefectDojo is a security
orchestration and vulnerability
management platform. DefectDojo allows
you to manage your application security
program, maintain pro...
Enter
Code Quality and Security for C#
. Sonar offers a single cohesive
solution with a consistent set of
metrics and hundreds of static analysis
rules to detect your coding issues
early. Plus fast ...
Enter
Code Quality and Security for Java
. Hundreds of unique rules to find Java
bugs, code smells & vulnerabilities.
Sonar static analysis helps you build
and maintain high-quality Java code. Cov...
Enter
Deffend.net Otus
. Deffend.net Otus aims to help small
companies and individuals to avoid cyber
security threats through cyber hygiene.
It runs on Windows desktop and looks for...
Enter
Sihas
. Deffend.net Sihas aims to help small
companies and individuals to avoid cyber
security threats through cyber hygiene.
It runs on Windows desktop and looks fo...
Enter
Prowler
. Prowler is an Open Source security
tool to perform AWS security best
practices assessments, audits, incident
response, continuous monitoring,
hardening, and ...
Enter
ZAP
. The OWASP Zed Attack Proxy (ZAP) is
one of the world�s most popular free
security tools and is actively
maintained by a dedicated international
team of volun...
Enter
Mythril
. Mythril is a security analysis tool
for EVM bytecode. It detects security
vulnerabilities in smart contracts built
for Ethereum, Hedera, Quorum, Vechain,
Roo...
Enter
Prowler
. Prowler is an Open Source security
tool to perform AWS security best
practices assessments, audits, incident
response, continuous monitoring,
hardening, and ...
Enter
VeraCrypt
. VeraCrypt is a free disk encryption
software brought to you by IDRIX
(https://www.idrix.fr) and based on
TrueCrypt 7.1a. It adds enhanced
security to the alg...
Enter
LibreWolf-for-Void
. A fork of Firefox, focused on
privacy, security and freedom. This
project is an independent fork of
Firefox, with the primary goals of
privacy, security and ...
Enter
openGalaxy
. This project aims to provide a method
for listening on a serial port and
decode incoming messages from a Galaxy
security control panel. The messages are
tran...
Enter
Terrascan
. Detect compliance and security
violations across Infrastructure as Code
to mitigate risk before provisioning
cloud native infrastructure. As you
embrace Infr...
Enter
Mythril
. Mythril is a security analysis tool
for EVM bytecode. It detects security
vulnerabilities in smart contracts built
for Ethereum, Hedera, Quorum, Vechain,
Roo...
Enter
TinySecuritySuite
. Tiny Security Suite is a simple
collection of portable security tools
that are essentials. It consist of
Clamwin Antivrius, PAPI Firewall, and
the developer ...
Enter
VeraCrypt
. VeraCrypt is a free disk encryption
software brought to you by IDRIX
(https://www.idrix.fr) and based on
TrueCrypt 7.1a. It adds enhanced
security to the alg...
Enter
Sn1per
. Sn1per Professional is an all-in-one
offensive security platform that
provides a comprehensive view of your
internal and external attack surface and
offers a...
Enter
Tsunami
. Tsunami is a general purpose network
security scanner with an extensible
plugin system for detecting high
severity vulnerabilities with high
confidence. When...
Enter
Enlightn
. Enlightn scans your Laravel app code
to provide you actionable
recommendations on improving its
performance, security & more.
We'll perform over 100 ...
Enter
Catnip
. Servlet container extensions that
help web developers write full featured
Java web applications.
Features:Security: XSS Filter/Valve
infrastructure for Apach...
Enter
LibreWolf-for-Void
. A fork of Firefox, focused on
privacy, security and freedom. This
project is an independent fork of
Firefox, with the primary goals of
privacy, security and ...
Enter
Terrascan
. Detect compliance and security
violations across Infrastructure as Code
to mitigate risk before provisioning
cloud native infrastructure. As you
embrace Infr...
Enter
OSCAL
. NIST is developing the Open Security
Controls Assessment Language (OSCAL), a
set of hierarchical, XML-, JSON-, and
YAML-based formats that provide a
standard...
Enter
FATE
. FATE (Federated AI Technology
Enabler) is the world's first
industrial grade federated learning open
source framework to enable enterprises
and instituti...
Enter
Tsunami
. Tsunami is a general purpose network
security scanner with an extensible
plugin system for detecting high
severity vulnerabilities with high
confidence. When...
Enter
lynis
. Lynis is a battle-tested security
tool for systems running Linux, macOS,
or Unix-based operating system. It
performs an extensive health scan of
your systems...
Enter
firejail
. Firejail is a SUID program that
reduces the risk of security breaches by
restricting the running environment of
untrusted applications using Linux
namespaces...
Enter
Enlightn
. Enlightn scans your Laravel app code
to provide you actionable
recommendations on improving its
performance, security & more.
We'll perform over 100 ...
Enter
Prueba
. This is an application that can also
be fetched from
https://sourceforge.net/projects/prueba/.
It has been hosted in OnWorks in order
to be run online in an ...
Enter
Catnip
. Servlet container extensions that
help web developers write full featured
Java web applications.
Features:Security: XSS Filter/Valve
infrastructure for Apach...
Enter
BunkerWeb
. Being a full-featured web server
(based on NGINX under the hood), it will
protect your web services to make them
"secure by default". BunkerWeb
integ...
Enter
SSH-MITM
. ssh man-in-the-middle (ssh-mitm)
server for security audits supporting
publickey authentication, session
hijacking and file manipulation.
SSH-MITM is a man i...
Enter
OWASP Juice Shop
. It can be used in security trainings,
awareness demos, CTFs and as a guinea
pig for security tools! Juice Shop
encompasses vulnerabilities from the
entire OW...
Enter
Sippts
. Sippts is a set of tools to audit
VoIP servers and devices using SIP
protocol. Sippts is programmed in Python
and it allows us to check the security
of a VoI...
Enter
Universal Password Manager
. Universal Password Manager allows you
to store all your passwords in one
highly secure encrypted database. Its
strengths are simplicity, portability
and secu...
Enter
firejail
. Firejail is a SUID program that
reduces the risk of security breaches by
restricting the running environment of
untrusted applications using Linux
namespaces...
Enter
FedStage FedSAML
. FedStage FedSAML is a software aiming
to implement security SAML2.0 standard,
supporting low ((de)serialization) and
higher level (easy way of creating and v...
Enter
Sobelow
. Sobelow is a security-focused static
analysis tool for the Phoenix framework.
For security researchers, it is a useful
tool for getting a quick view of point...
Enter
Advisory Check
. Advisory Check is a tool for
monitoring the security of installed
software. It gathers security advisories
using RSS/RDF/XML feeds, compares them
against a l...
Enter
Prueba
. This is an application that can also
be fetched from
https://sourceforge.net/projects/prueba/.
It has been hosted in OnWorks in order
to be run online in an ...
Enter
Ragna Scribe
. Ragna Scribe is a versatile text
editor which can hold multiple documents
at the same time and each document
organises a set of articles in a tree
order. The...
Enter
SIPVicious
. SIPVicious OSS has been around since
2007 and is actively updated to help
security teams, QA and developers test
SIP-based VoIP systems and applications.
Ope...
Enter
Lighthouse Ethereum
. Lighthouse is an Ethereum consensus
client that connects to other Ethereum
consensus clients to form a resilient
and decentralized proof-of-stake
blockchain....
Enter
OWASP Amass
. The OWASP Amass Project has developed
a tool to help information security
professionals perform network mapping of
attack surfaces and perform external
asset...
Enter
AWS EKS Terraform module
. Terraform module which creates AWS
EKS (Kubernetes) resources.
Windows-based node support is limited to
a default user data template that is
provided due to ...
Enter
Cibet
. The cibet framework provides
developers with functionality of the
following topics: - Dual Control (4-Eyes
Principle .) - Extended Authorisation
(Enhance Spr...
Enter
Nebular
. Nebular is a customizable Angular UI
library that contains 40+ UI components,
four visual themes, and Auth and
Security modules. Recognized at the
prestigiou...
Enter
Pacu
. Pacu (named after a type of Piranha
in the Amazon) is a comprehensive AWS
security-testing toolkit designed for
offensive security practitioners. While
sever...
Enter
SSH-MITM
. ssh man-in-the-middle (ssh-mitm)
server for security audits supporting
publickey authentication, session
hijacking and file manipulation.
SSH-MITM is a man i...
Enter
Sippts
. Sippts is a set of tools to audit
VoIP servers and devices using SIP
protocol. Sippts is programmed in Python
and it allows us to check the security
of a VoI...
Enter
FileHashler
. Java based API and console utility
for cross-platform file encryption and
archiving (currently encrypts single
files up to 9.2 EB length). Uses Twofish
(CBC)...
Enter
Falco
. Falco is a open source project to
detect abnormal application behavior in
a cloud native environment like
Kubernetes. This cloud native runtime
security proj...
Enter
BrowserBox
. Remote isolated browser API for
security, automation visibility and
interactivity. Run-on our cloud, or
bring your own. Full scope double
reverse web proxy w...
Enter
nuclei
. Nuclei is used to send requests
across targets based on a template,
leading to zero false positives and
providing fast scanning on a large
number of hosts. N...
Enter
Universal Password Manager
. Universal Password Manager allows you
to store all your passwords in one
highly secure encrypted database. Its
strengths are simplicity, portability
and secu...
Enter
bearer
. Welcome to the Bearer documentation.
Bearer is a static application security
testing (SAST) tool that scans your
source code and analyzes your data flows
to ...
Enter
Commius
. Community-based interoperability
Utility for SMEs. Commius main objective
is to support the SMEs with a zero, or
very low-cost, entry into
interoperability, ...
Enter
Sobelow
. Sobelow is a security-focused static
analysis tool for the Phoenix framework.
For security researchers, it is a useful
tool for getting a quick view of point...
Enter
FedStage FedSAML
. FedStage FedSAML is a software aiming
to implement security SAML2.0 standard,
supporting low ((de)serialization) and
higher level (easy way of creating and v...
Enter
Infection Monkey
. Infection Monkey is a open source
automated security testing tool for
testing a network's security
baseline. Monkey is a tool that infects
machines and p...
Enter
APIthet
. APIthet is an application to security
test RESTful web APIs. Assessing APIs
help in detecting security
vulnerabilities at an early stage of the
SDLC. Compare...
Enter
inventory-scoring
. A tool (adobe air) to do maturity
scoring of solutions. This is an
offspring of projet ESIS, we use this
tool with customer to assess which
solutions could b...
Enter
Ragna Scribe
. Ragna Scribe is a versatile text
editor which can hold multiple documents
at the same time and each document
organises a set of articles in a tree
order. The...
Enter
SIPVicious
. SIPVicious OSS has been around since
2007 and is actively updated to help
security teams, QA and developers test
SIP-based VoIP systems and applications.
Ope...
Enter
amazon-vpc-resource-controller-k8s
. Controller for managing Trunk &
Branch Network Interfaces on EKS Cluster
using Security Group For Pod feature and
IPv4 Addresses for Windows Node. Contro...
Enter
Application Inspector
. Microsoft Application Inspector is a
software source code characterization
tool that helps identify coding features
of first or third party software
componen...
Enter
Bandit
. Bandit is a tool designed to find
common security issues in Python code.
To do this, Bandit processes each file,
builds an AST from it, and runs
appropriate ...
Enter
AWS EKS Terraform module
. Terraform module which creates AWS
EKS (Kubernetes) resources.
Windows-based node support is limited to
a default user data template that is
provided due to ...
Enter
Lighthouse Ethereum
. Lighthouse is an Ethereum consensus
client that connects to other Ethereum
consensus clients to form a resilient
and decentralized proof-of-stake
blockchain....
Enter
secure-electron-template
. A current electron app template with
the most popular frameworks, designed
and built with security in mind. Once
cloned, install the dependencies for the
rep...
Enter
Zeek
. Zeek has a long history in the open
source and digital security worlds. Vern
Paxson began developing the project in
the 1990s under the name �Bro� as a
means...
Enter
Cipherbox
. Cipherbox is what I consider to be a
cryptographic swiss knife. It utilizes
six encryption algorithms, and it's
also a vault that's locked with four
...
Enter
Cibet
. The cibet framework provides
developers with functionality of the
following topics: - Dual Control (4-Eyes
Principle .) - Extended Authorisation
(Enhance Spr...
Enter
ELF Workbench
. ELF Workbench is a program intended
for analyzing/inspecting ELF object
files that also allows to patch them. It
provides an interactive user interface
simil...
Enter
Nebular
. Nebular is a customizable Angular UI
library that contains 40+ UI components,
four visual themes, and Auth and
Security modules. Recognized at the
prestigiou...
Enter
WipeFreeSpace
. WipeFreeSpace is a program to
securely erase/wipe/overwrite the free
space on file systems to prevent
recovery of deleted sensitive data. This
allows protect...
Enter
Powerful files and text searcher
. Last release: 29/7/2023. Enhanced
program . In the interface font size is
big for ease of access. You can download
source code that can be found in
'sour...
Enter
Mobile Verification Toolkit
. Mobile Verification Toolkit (MVT) is
a collection of utilities to simplify
and automate the process of gathering
forensic traces helpful to identify a
potent...
Enter
Media-Cert
. The Re-launch is now ready and live.
Feel free to try and enjoy it out.
Should you experience any issues just
create a ticket and I will look into it
asap. T...
Enter
UserUnlock
. There is an age old issue with
security / windows domains / shared
workstations. If several users share a
workstation, then from an audit /
security standpoi...
Enter
Falco
. Falco is a open source project to
detect abnormal application behavior in
a cloud native environment like
Kubernetes. This cloud native runtime
security proj...
Enter
FileHashler
. Java based API and console utility
for cross-platform file encryption and
archiving (currently encrypts single
files up to 9.2 EB length). Uses Twofish
(CBC)...
Enter
BrowserBox
. Remote isolated browser API for
security, automation visibility and
interactivity. Run-on our cloud, or
bring your own. Full scope double
reverse web proxy w...
Enter
nuclei
. Nuclei is used to send requests
across targets based on a template,
leading to zero false positives and
providing fast scanning on a large
number of hosts. N...
Enter
bearer
. Welcome to the Bearer documentation.
Bearer is a static application security
testing (SAST) tool that scans your
source code and analyzes your data flows
to ...
Enter
Commius
. Community-based interoperability
Utility for SMEs. Commius main objective
is to support the SMEs with a zero, or
very low-cost, entry into
interoperability, ...
Enter
CaptfEncoder
. Captfencoder is a rapid
cross-platform network security tool
suite, providing network
security-related code conversion,
classical cryptography, cryptography,...
Enter
Java Sec Code
. Java sec code is a very powerful and
friendly project for learning Java
vulnerability code. This project can
also be called Java vulnerability code.
Each vul...
Enter
Java Client for Google Maps Services
. This library brings the Google Maps
API Web Services to your server-side
Java application. Each Google Maps Web
Service request requires an API key. API
keys...
Enter
QuickPasswordGenerator
. This program generate random password
of a specified length, with numbers,
upper and lowercase letters and special
symbols. Features:Small size.Easy
interfac...
Enter
Effacor
. When a file is deleted from a device
the space for that file is merely
de-allocated. In short: The DATA
contained in that file still remains,
and can be reco...
Enter
FOSUserBundle
. The FOSUserBundle adds support for a
database-backed user system in
Symfony2+. It provides a flexible
framework for user management that aims
to handle commo...
Enter
rkt
. rkt (pronounced like a
"rocket") is a CLI for running
application containers on Linux. rkt is
designed to be secure, composable, and
standards-based....
Enter
APIthet
. APIthet is an application to security
test RESTful web APIs. Assessing APIs
help in detecting security
vulnerabilities at an early stage of the
SDLC. Compare...
Enter
Infection Monkey
. Infection Monkey is a open source
automated security testing tool for
testing a network's security
baseline. Monkey is a tool that infects
machines and p...
Enter
inventory-scoring
. A tool (adobe air) to do maturity
scoring of solutions. This is an
offspring of projet ESIS, we use this
tool with customer to assess which
solutions could b...
Enter
nodejsscan
. Static security code scanner (SAST)
for Node.js applications powered by
libsast and semgrep. nodejsscan is a
static security code scanner for Node.js
applica...
Enter
Bandit
. Bandit is a tool designed to find
common security issues in Python code.
To do this, Bandit processes each file,
builds an AST from it, and runs
appropriate ...
Enter
Django Hijack
. With Django Hijack, admins can log in
and work on behalf of other users
without having to know their
credentials. 3.x docs are available in
the docs folder. ...
Enter
Payloads All The Things
. A list of useful payloads and
bypasses for Web Application Security.
Feel free to improve with your payloads
and techniques. The API key is a unique
identifi...
Enter
LibHideIP - An IP-hiding library
. LibHideIP is a library that
on-the-fly (by preloading) prevents
programs from knowing your IP address.
This makes them unable to know and
reveal your locatio...
Enter
Zeek
. Zeek has a long history in the open
source and digital security worlds. Vern
Paxson began developing the project in
the 1990s under the name �Bro� as a
means...
Enter
SonarQube
. SonarQube empowers all developers to
write cleaner and safer code. Thousands
of automated Static Code Analysis rules,
protecting your app on multiple fronts,...
Enter
Interwhat?
. A Firefox tutorial add-on for adult
absolute beginners, to provide
information on and to build up
understanding of the threats and
features of the web. Sugge...
Enter
Outline Server
. Access to the free and open Internet.
Outline makes it easy to create a VPN
server, giving anyone access to the free
and open Internet. Outline allows anyone...
Enter
Cipherbox
. Cipherbox is what I consider to be a
cryptographic swiss knife. It utilizes
six encryption algorithms, and it's
also a vault that's locked with four
...
Enter
Arduino IDE
. This repository contains the source
code of the Arduino IDE 2.x, which is
currently in the beta stage. The Arduino
IDE 2.x is a major rewrite, sharing no
cod...
Enter
OpenWAF
. The first all-round open source Web
security protection system, more
protection than others. OpenWAF is the
first fully open source Web application
protectio...
Enter
Trivy
. Trivy is the most popular open source
security scanner, reliable, fast, and
easy to use. Use Trivy to find
vulnerabilities & IaC
misconfigurations, SBOM ...
Enter
drozer
. drozer (formerly Mercury) is the
leading security testing framework for
Android. drozer allows you to search for
security vulnerabilities in apps and
devices...
Enter
Aqeria
. Aqeria is a documentation and
records-management utility for
psychiatric clinics, designed to
expedite creation, management, and
viewing of patient records, ...
Enter
boundman
. Boundman is an advanced,
user-friendly, and sleek application
designed to take control over your
network connections. It allows you to
efficiently manage and...
Enter
truffleHog
. truffleHog searches through git
repositories for high entropy strings
and secrets, digging deep into commit
history. TruffleHog runs behind the
scenes to sca...
Enter
Mobile Verification Toolkit
. Mobile Verification Toolkit (MVT) is
a collection of utilities to simplify
and automate the process of gathering
forensic traces helpful to identify a
potent...
Enter
Powerful files and text searcher
. Last release: 29/7/2023. Enhanced
program. The interface font size is big
for ease of access. You can download
source code that can be found in
'source c...
Enter
tfsec
. tfsec is a static analysis security
scanner for your Terraform code.
Designed to run locally and in your CI
pipelines, developer-friendly output and
fully do...
Enter
Sureness
. Sureness allows you to security any
server written with jvm modern
frameworks such as Spring, Spring Boot,
Spring WebFlux, Javalin, Quarkus,
Micronaut, Solon...
Enter
Slim Toolkit
. Inspect, Optimize and Debug Your
Containers. You don't have to change
anything in your application images to
make them smaller! Keep doing what you
are d...
Enter
Rancher
. From datacenter to cloud to edge,
Rancher lets you deliver
Kubernetes-as-a-Service. Rancher is a
complete software stack for teams
adopting containers. It ad...
Enter
LibNetBlock - A Network Blocking Library
. LibNetBlock is a library that
on-the-fly (by preloading) prevents a
program under its control to use the
network, to help to keep the user's
privacy, pre...
Enter
DVWA
. Damn Vulnerable Web App (DVWA) is a
PHP/MySQL web application that is damn
vulnerable. Its main goals are to be an
aid for security professionals to test
the...
Enter
DevSec Hardening
. Hardening adds a layer into your
automation framework, that configures
your operating systems and services. It
takes care of difficult settings,
compliance g...
Enter
Java Sec Code
. Java sec code is a very powerful and
friendly project for learning Java
vulnerability code. This project can
also be called Java vulnerability code.
Each vul...
Enter
CrowdSec
. CrowdSec - an open-source massively
multiplayer firewall able to analyze
visitor behavior & provide an
adapted response to all kinds of
attacks. It also ...
Enter
Java Client for Google Maps Services
. This library brings the Google Maps
API Web Services to your server-side
Java application. Each Google Maps Web
Service request requires an API key. API
keys...
Enter
frida
. Dynamic instrumentation toolkit for
developers, reverse-engineers, and
security researchers. Inject your own
scripts into black box processes. Hook
any funct...
Enter
FOSUserBundle
. The FOSUserBundle adds support for a
database-backed user system in
Symfony2+. It provides a flexible
framework for user management that aims
to handle commo...
Enter
rkt
. rkt (pronounced like a
"rocket") is a CLI for running
application containers on Linux. rkt is
designed to be secure, composable, and
standards-based....
Enter
Wapiti
. Wapiti is a vulnerability scanner for
web applications. It currently search
vulnerabilities like XSS, SQL and XPath
injections, file inclusions, command
exec...
Enter
CloudQuery
. CloudQuery extracts, transforms and
loads your cloud assets into normalized
PostgreSQL tables. CloudQuery enables
you to assess, audit, and monitor the
confi...
Enter
Visitor ID Management System
. Everything You Need to Print
Professional-Quality Cards Set up your
card printing system and begin producing
photo IDs in minutes with this
Solution�no softw...
Enter
Ajv JSON schema validator
. Security and reliability for
JavaScript applications. Ensure your
data is valid as soon as it's
received. Instead of having your data
validation and sani...
Enter
InQL Scanner
. A security testing tool to facilitate
GraphQL technology security auditing
efforts. InQL can be used as a
stand-alone script or as a Burp Suite
extension. Si...
Enter
securitytf_jp
. Japan OSS Promotion Forum Security
Task Force. Audience: Government, System
Administrators. Categories:Enterprise,
Security...
Enter
Django Hijack
. With Django Hijack, admins can log in
and work on behalf of other users
without having to know their
credentials. 3.x docs are available in
the docs folder. ...
Enter
drozer
. drozer (formerly Mercury) is the
leading security testing framework for
Android. drozer allows you to search for
security vulnerabilities in apps and
devices...
Enter
OpenWAF
. The first all-round open source Web
security protection system, more
protection than others. OpenWAF is the
first fully open source Web application
protectio...
Enter
SonarQube
. SonarQube empowers all developers to
write cleaner and safer code. Thousands
of automated Static Code Analysis rules,
protecting your app on multiple fronts,...
Enter
caplisp
. CapLisp is a capability security
layer for Common Lisp that provides
various facilities for secure,
distributed computing. Audience:
Developers. Programming ...
Enter
Slim Toolkit
. Inspect, Optimize and Debug Your
Containers. You don't have to change
anything in your application images to
make them smaller! Keep doing what you
are d...
Enter
nebula
. Nebula is a scalable overlay
networking tool with a focus on
performance, simplicity and security. It
lets you seamlessly connect computers
anywhere in the w...
Enter
PSIA
. The Physical Security
Interoperability Alliance (PSIA) was
founded to promote the interoperability
of IP enabled security devices and
systems using freely av...
Enter
truffleHog
. truffleHog searches through git
repositories for high entropy strings
and secrets, digging deep into commit
history. TruffleHog runs behind the
scenes to sca...
Enter
LibSecRm - Secure Removal Library
. LibSecRm (LIBrary for SECure ReMoval)
is a set of replacements for these
standard C functions which cause data
removing from files. The data is first
securel...
Enter
Zero Site Protector
. The zero-site-protector plugin is a
powerful security tool for your website
that provides multiple layers of
protection to safeguard against
unauthorized acc...
Enter
Rancher
. From datacenter to cloud to edge,
Rancher lets you deliver
Kubernetes-as-a-Service. Rancher is a
complete software stack for teams
adopting containers. It ad...
Enter
multiOTP open source
. multiOTP is a PHP class, a powerful
command line utility and a web interface
developed by SysCo syst�mes de
communication sa in order to provide a
completely...
Enter
Rootkit Hunter
. Rootkit Hunter, security monitoring
and analyzing tool for POSIX compliant
systems. Programming Language: Unix
Shell, Perl. Categories:Security...
Enter
Sureness
. Sureness allows you to security any
server written with jvm modern
frameworks such as Spring, Spring Boot,
Spring WebFlux, Javalin, Quarkus,
Micronaut, Solon...
Enter
Fake Name Generator
. Program generates as many fake names
as you want in lots of different
languages. Works in Linux, *BSD &
Windows. Version 2.0x saves the names to
a file c...
Enter
Lantern
. Can't access your favorite apps?
Download Lantern to easily access
videos, messaging, and other popular
apps while at school or work. Lantern is
an appli...
Enter
CrowdSec
. CrowdSec - an open-source massively
multiplayer firewall able to analyze
visitor behavior & provide an
adapted response to all kinds of
attacks. It also ...
Enter
Alarmas
. Yet another alarms program with
features as file modification alarm
(maybe useful for security auditories),
alarms file saving possibility and of
course time...
Enter
ASP.NET Minimal APIs Made Easy
. It nudges you towards the REPR Design
Pattern (Request-Endpoint-Response) for
convenient & maintainable endpoint
creation with virtually no boilerplate. ...
Enter
DVWA
. Damn Vulnerable Web App (DVWA) is a
PHP/MySQL web application that is damn
vulnerable. Its main goals are to be an
aid for security professionals to test
the...
Enter
Keeper Wallet
. High-security wallet with swapping
capabilities. Keeper Wallet is your
entry point to the Waves blockchain and
Waves-powered web services. Seed phrases
and p...
Enter
WAPI
. WAPI, or WOMBAT API, is a SOAP-based
API built in the context of the WOMBAT
FP7 project
(http://www.wombat-project.eu) to
facilitate the remote access and ex...
Enter
LogicalSets
. This is an advanced data architecture
and methodology. A comprehensive
Enterprise Resource Management System. A
re-usable database with rules for
customizati...
Enter
Visitor ID Management System
. Everything You Need to Print
Professional-Quality Cards Set up your
card printing system and begin producing
photo IDs in minutes with this
Solution�no softw...
Enter
FlashPolicyServer
. The newly introduced security policy
for Flash requires the servers to serve
the security policy for allowing socket
connections to their servers at port 843...
Enter
Wapiti
. Wapiti is a vulnerability scanner for
web applications. It currently search
vulnerabilities like XSS, SQL and XPath
injections, file inclusions, command
exec...
Enter
NARC
. NARC Network Analysis Reporting
Console takes output from security tools
like Nessus, and NMap & populates a
database via automated scripts for
reporting...
Enter
CloudQuery
. CloudQuery extracts, transforms and
loads your cloud assets into normalized
PostgreSQL tables. CloudQuery enables
you to assess, audit, and monitor the
confi...
Enter
Ajv JSON schema validator
. Security and reliability for
JavaScript applications. Ensure your
data is valid as soon as it's
received. Instead of having your data
validation and sani...
Enter
OCD-01
. OCD is a simple web UI written in PHP
[and little CSS]. It displays dashboard
of current OSSEC activity. Originally
written to allow NOC to monitor OSSEC
eve...
Enter
InQL Scanner
. A security testing tool to facilitate
GraphQL technology security auditing
efforts. InQL can be used as a
stand-alone script or as a Burp Suite
extension. Si...
Enter
Timestamps
. Timestamps uses stat and debugfs to
determine the creation date and time of
a file or files contained within a
directory. Why not just use ls -la or
stat alo...
Enter
Cafeto
. Implementation of standard of
security alerts IDMEF in platform J2EE
with WebService, JMS and RMI. Audience:
Information Technology, System
Administrators. U...
Enter
Online Songbook
. The Online Songbook is a web
interface to a database of songs. Allows
users to collaboratively edit songs in
ChordPro format, create and share
collections of...
Enter
turniket
. system is designed to control staff
access to production databases, as well
as taking into account their passage of
time. Features:Platform: raspberry
pi(OS:...
Enter
Zero Site Protector
. The zero-site-protector plugin is a
powerful security tool for your website
that provides multiple layers of
protection to safeguard against
unauthorized acc...
Enter
PSIA
. The Physical Security
Interoperability Alliance (PSIA) was
founded to promote the interoperability
of IP enabled security devices and
systems using freely av...
Enter
ClamSAP
. ClamSAP exists of two 'C'
shared libraries which link between
ClamAV and the Virus Scan Interface
(VSI) of SAP (offical name: NW-VSI). A
SAP applicat...
Enter
microsoft telemetry-tools
. complete set of tools for windows
security analysis and protection.
Categories:Security, Vulnerability
Scanners...
Enter