26 مستودعات
Tools and resources for identifying security flaws through testing.
Distinguishing note: Focuses on auditing, distinct from general testing.
Explore 26 awesome GitHub repositories matching security & cryptography · Security Auditing Tools. Refine with filters or upvote what's useful.
Developer Roadmap هي منصة يقودها المجتمع توفر مسارات تعليمية منظمة وقائمة على الرسوم البيانية لهندسة البرمجيات. تعمل كمستودع معرفي شامل حيث يتم تنظيم المجالات التقنية في تسلسلات مرئية لتوجيه اكتساب المهارات المهنية والنمو الوظيفي. يتميز المشروع بنظام بيئي تعاوني يتيح للمستخدمين المساهمة في خرائط الطريق، وتنظيم أفضل ممارسات الصناعة، والحفاظ على الملفات الشخصية المهنية. يدمج أطر تقييم تشخيصية لتقييم الكفاءة التقنية، مما يساعد المطورين على تحديد فجوات المعرفة والتحضير للمقابلات المهنية من خلال تسلسلات تعليمية مستهدفة. إلى جانب قدرات التخطيط الأساسية، توفر المنصة أفكاراً لمشاريع عملية ودروساً تفاعلية لتعزيز المفاهيم الهندسية. وتوفر مساحة مركزية للمجتمع لمشاركة الموارد، وتتبع تطوير المهارات التدريجي، والتنقل في المشاهد التقنية المعقدة.
Provides automated diagnostic checks to identify security misconfigurations and insecure policies within the deployment.
Jadx is a comprehensive Java decompilation suite designed to transform compiled binary application files into readable source code. It functions as a static analysis workbench, providing a graphical interface for navigating, searching, and inspecting the internal logic of complex software packages. By utilizing a bytecode-to-Java pipeline, the project reconstructs high-level logical structures from low-level binary instructions, making it a primary tool for Android application reverse engineering. The project distinguishes itself through a sophisticated control flow reconstruction engine and
Reviews compiled software to verify security compliance and identify flaws in data handling.
This project is a cross-platform desktop application that functions as a graphical shell replacement. Built using web technologies, it provides a unified workspace that integrates a terminal emulator with real-time system monitoring tools, allowing users to interact with their operating system through a touch-friendly, native-like interface. The application distinguishes itself through a highly customizable layout engine that uses external configuration files to arrange interface components. It features a distinct visual aesthetic and wraps standard terminal emulation within a graphical conta
Compares current software versions against official releases to identify required security updates.
Masscan is a command-line network scanner designed for large-scale discovery and infrastructure reconnaissance. It identifies open ports across specific network segments or the entire internet by probing vast address ranges with high efficiency. The tool functions as an asynchronous packet engine, bypassing standard operating system kernel networking stacks to transmit raw packets directly from application memory. The project distinguishes itself through a specialized architecture that manages millions of concurrent connections by separating packet transmission and reception into independent
Identifies potential vulnerabilities by systematically probing for open ports and services.
BCC is an eBPF development toolkit and tracing framework used for monitoring and analyzing the Linux kernel. It functions as a performance analysis tool and debugging utility to capture system events, measure kernel latency, and provide network observability. The project distinguishes itself by providing a build system that integrates with LLVM to compile C-like code into BPF bytecode at runtime. It utilizes BPF Type Format data for relocations to maintain cross-kernel compatibility and extracts kernel headers to ensure the generated programs match the specific kernel version. The toolkit co
Provides capabilities to instrument security module hooks for auditing events and implementing access control.
This project is a terminal-based log analyzer and real-time traffic monitoring system designed for web server environments. It processes raw server access logs to generate structured statistical insights, providing visibility into visitor behavior, bandwidth usage, and request latency. The tool functions as a high-performance utility capable of handling large-scale datasets through multi-threaded parsing and memory-efficient data structures. The software distinguishes itself by offering both an interactive terminal interface and a web-based dashboard that updates in real-time via WebSocket st
Detects aggressive bots, malicious traffic patterns, and geographic origins of requests to improve the security of web services.
PEASS-ng is a Linux privilege escalation scanner and post-exploitation enumeration tool. It identifies security vulnerabilities and misconfigurations on Linux systems that could lead to unauthorized elevated access. The tool functions as a security audit utility that discovers system weaknesses and sensitive information after initial access is gained. It scans operating systems to identify specific privilege escalation paths. Findings are converted into structured security audit reports. The tool supports exporting scan results into JSON, HTML, and PDF formats for formal analysis and documen
Functions as a security auditing tool that detects privilege escalation paths and generates structured reports.
This project provides a comprehensive, self-hosted platform for zero-knowledge credential management and enterprise secrets orchestration. It functions as a secure vault that ensures all encryption and decryption processes occur exclusively on the client side, preventing the server from ever accessing plaintext data. By combining identity federation with robust access controls, the system enables organizations to centralize the management of passwords, passkeys, and sensitive infrastructure credentials. The platform distinguishes itself through its focus on both human-centric security and aut
Scans local credentials to identify weak or reused passwords without exposing unencrypted data.
Lynis is an automated security auditing and system hardening framework designed for UNIX-based operating systems. It functions as a command-line utility that inspects local system configurations to identify security vulnerabilities, configuration weaknesses, and compliance gaps. By executing a series of modular tests, the tool generates actionable reports and remediation suggestions to assist in strengthening system defenses. The project distinguishes itself through a highly modular architecture that relies on shell-script-based execution and native system inspection. Users can define custom
Functions as a command-line auditing tool that identifies security flaws and compliance gaps through automated testing on UNIX systems.
Git-secrets is a security utility designed to prevent the accidental exposure of sensitive credentials by integrating automated scanning directly into the version control commit lifecycle. It functions as a commit scanner that evaluates staged files and commit messages against defined security policies before changes are finalized in a repository. The tool utilizes regular expression pattern matching to identify potential secrets and supports the registration of custom patterns to address specific organizational security requirements. To manage operational friction, it includes mechanisms for
Analyzes entire project history to identify and report previously committed secrets that may have been accidentally exposed.
Vuls is an agentless vulnerability scanner and CVE intelligence aggregator. It identifies security flaws in operating systems, containers, and network devices without requiring the installation of permanent software agents on target machines. The project distinguishes itself by cross-referencing software versions against multiple vulnerability databases, security advisories, and known exploit catalogs. It utilizes platform-based enumeration and lockfile analysis to detect vulnerabilities in network hardware, programming libraries, and website plugins. The tool covers a broad range of securit
Allows security audits to be run directly on a target machine to eliminate the need for central SSH connectivity.
Nikto is an open-source HTTP security auditing tool and web server vulnerability scanner. It functions as a reconnaissance engine designed to identify insecure server options, outdated software, and common vulnerabilities by analyzing HTTP responses. The project differentiates itself through capabilities for intrusion detection evasion and web server fingerprinting. It uses request-level encoding and timing spacers to bypass security filters and employs signature-based identification to determine specific server software versions and misconfigurations. The scanner covers broad capability are
Identifies insecure server options and common vulnerabilities by analyzing HTTP responses.
LinEnum is a suite of security utilities for auditing Linux systems, scanning for privilege escalation paths, and enumerating local vulnerabilities. It functions as a system security audit tool, a local enumeration utility, and a scanner for identifying misconfigurations that could allow a user to gain root access. The project includes specialized auditing for containerized environments, specifically detecting Docker and LXC signatures to identify potential escape vectors to the host system. Its broader capabilities cover the analysis of kernel versions, the identification of SUID binaries a
Performs a suite of checks on kernel versions, cron jobs, and SUID binaries to evaluate security posture.
Commando-VM is a Windows penetration testing distribution and offensive security toolkit. It provides a specialized virtual machine environment loaded with a curated suite of security auditing and exploitation tools designed for red teaming operations. The project facilitates the creation of red team infrastructure and security audit environments. It focuses on windows security auditing and penetration testing to help simulate adversary behavior and identify exploitable security flaws. The environment is established through script-based provisioning and modular toolset deployment. This proce
Includes a curated set of security auditing tools to identify misconfigurations and flaws in Windows environments.
ScoutSuite is a multi-cloud security audit and configuration tool designed to identify security risks and misconfigurations across cloud environments. It functions as a security posture manager and compliance auditor, gathering resource metadata from cloud APIs to evaluate infrastructure against security benchmarks. The tool provides auditing capabilities for AWS, Google Cloud, DigitalOcean, and Kubernetes clusters and control planes. It distinguishes itself by decoupling data collection from analysis, allowing users to cache cloud configurations locally for offline auditing and iterative rul
Gathers configuration data from DigitalOcean APIs to perform security posture assessments.
tfsec is a static analysis tool and infrastructure as code linter designed to detect security misconfigurations and compliance violations in Terraform infrastructure code. It functions as a cloud security posture tool and policy enforcement engine that evaluates configurations against established security benchmarks. The tool provides multi-cloud security auditing for providers including AWS, Azure, Google Cloud, and Kubernetes, as well as specialized scanning for DigitalOcean, OpenStack, CloudStack, and GitHub configurations. It identifies insecure settings such as public access or unencrypt
Analyzes DigitalOcean compute and storage configurations for security misconfigurations.
This project is a security auditing tool and vulnerability scanner designed to evaluate the security posture of Linux hosts. It functions as a privilege escalation auditor that scans running kernels for missing security patches and vulnerabilities to identify potential paths for gaining root access. The utility performs kernel security analysis by matching system version strings against a database of known exploits. It audits kernel hardening settings and evaluates system exposure to categorize the probability of successful privilege escalation attacks. The tool covers a broad range of asses
Evaluates kernel configurations and system exposure to determine the overall security posture of a Linux host.
linux-exploit-suggester is a diagnostic utility and vulnerability scanner designed to identify potential kernel exploits on Linux systems. It functions as a privilege escalation auditor by matching system information and kernel versions against a database of known security flaws. The tool differentiates itself by filtering and ranking exploits based on specific system properties and runtime security configurations. It evaluates kernel hardening settings, such as memory protection mechanisms, to discard inapplicable exploits and prioritize candidates by their probability of success. The softw
Evaluates kernel hardening settings and system exposure to public security flaws.
w3af is a web penetration testing suite and security audit framework designed to identify and exploit vulnerabilities in web applications. It functions as a vulnerability scanner that crawls targets to find injection points and a fuzzer used to discover hidden endpoints and test input validation. The project distinguishes itself by providing an intercepting HTTP proxy for capturing and modifying traffic, combined with a knowledge-base driven exploitation system. It enables the execution of security exploits to gain remote shell access and supports post-exploitation activities, such as routing
Provides a containerized environment for running comprehensive security scans and managing vulnerability plugins.
Tetragon هي مجموعة أدوات أمنية ومراقبة تعتمد على eBPF مصممة لبيئات Linux وKubernetes. تعمل كمدير لسياسات الأمان، وعميل للمراقبة، ومحرك لفرض القواعد، حيث ترتبط بوظائف النواة (Kernel functions) ونقاط التتبع لاكتشاف تصعيد الامتيازات، وهروب الحاويات، والأنشطة غير المصرح بها في النظام. يتميز المشروع بقدرته على فرض القواعد في الوقت الفعلي داخل النواة، مما يسمح بإنهاء العمليات الضارة بشكل متزامن أو تعديل قيم إرجاع الوظائف قبل اكتمال استدعاء النظام. يوفر تكاملاً عميقاً مع Kubernetes من خلال مزامنة هويات الحاويات وربط أحداث النواة منخفضة المستوى مباشرة بـ Pods وNamespaces. تغطي قدراته الأوسع تدقيق استدعاءات النظام الشامل، وتتبع اتصالات الشبكة، ومراقبة سلامة الملفات. يدعم النظام إدارة السياسات الديناميكية ويوفر أدوات تشخيصية لمراقبة أداء BPF واستخدام الموارد. يتم دعم النشر عبر مجموعات Kubernetes باستخدام Helm charts، بالإضافة إلى الحاويات المستقلة وحزم أنظمة التشغيل الأصلية.
Tracks BPF program loading and kernel module activity using kernel-level hooks to identify malicious actors.