5 Repos
Scalable architectures that distribute security auditing tasks across multiple nodes to handle large-scale targets.
Distinguishing note: No candidates cover the architectural distribution of security scans; existing options are for data, rendering, or generic actor scaling.
Explore 5 awesome GitHub repositories matching security & cryptography · Distributed Security Scanning Frameworks. Refine with filters or upvote what's useful.
Osmedeus is a security workflow orchestration engine that coordinates AI agents, shell commands, and scanning tools through declarative YAML pipelines. It functions as a distributed security scanner, a declarative workflow automator, and an AI agent framework for security, enabling automated multi-step security analysis with conditional branching, parallel execution, and distributed workers. The engine distinguishes itself through a hybrid runner model that executes workflow steps on the local host, inside Docker containers, or over SSH to remote machines, selected per step or module. It supp
Runs large-scale security scans across cloud instances with automatic provisioning, cost controls, and result synchronization.
ThreatMapper is a cloud native application protection platform and infrastructure security scanner. It functions as a vulnerability management system and cloud workload telemetry collector designed to monitor workloads and detect security risks across cloud and container environments. The platform distinguishes itself through a network traffic visualizer that uses machine learning to classify communication patterns and a graph-based attack mapping system to identify high-risk paths between vulnerabilities and network dependencies. Its broader capabilities cover cloud infrastructure complianc
Deploys containerized scanning components across diverse environments to detect vulnerabilities and secrets in production.
Axiom is a cloud infrastructure orchestrator and distributed security scanning framework. It serves as a manager for deploying, snapshotting, and destroying disposable virtual machine fleets across multiple cloud providers and regions. The project distinguishes itself by automating the provisioning of vulnerability toolsets and security auditing software across these remote servers. It features a mechanism for distributing security scans by sharding target lists across a fleet of instances and aggregating the resulting data into unified files and HTML reports. The system covers a broad range
Implements a scalable architecture that distributes security auditing tasks across multiple provisioned cloud nodes.
Arachni is a dynamic application security testing vulnerability scanner and web application security tool. It functions as a distributed web audit framework that performs active and passive audits to identify security flaws such as SQL injection and cross-site scripting. The project features a JavaScript-aware web crawler that executes scripts and monitors DOM changes to analyze modern dynamic web applications. It utilizes server platform fingerprinting to target compatible security payloads and provides a grid-based system to distribute scanning workloads across multiple nodes. The tool cov
Implements a grid-based system to distribute scanning workloads across multiple nodes for large-scale web environment analysis.
ScopeSentry ist eine verteilte Plattform für das Angriffsflächenmanagement, die darauf ausgelegt ist, digitale Assets zu katalogisieren und Sicherheitsbewertungen über große Netzwerkumgebungen hinweg zu automatisieren. Sie fungiert als Tool zur Netzwerkerkennung und Schwachstellen-Scanner und bietet ein Framework zur Aufrechterhaltung der Sichtbarkeit über die organisatorische Infrastruktur. Die Plattform zeichnet sich durch eine verteilte Architektur aus, die Worker-Nodes orchestriert, um Sicherheitsaufgaben parallel auszuführen. Sie nutzt einen ereignisgesteuerten Erkennungsprozess, um neue Assets und Subdomänen zu identifizieren, und führt eine zustandsbehaftete Aufzeichnung von Konfigurationen und Schwächen, um die langfristige Erkennung von Änderungen zu erleichtern. Das System unterstützt eine modulare Ausführungspipeline, die die Integration benutzerdefinierter Plugins und Sicherheitsdienstprogramme von Drittanbietern ermöglicht. Diese Erweiterbarkeit ermöglicht eine umfassende Überwachung von Web-Assets, automatisierte Subdomänen-Enumeration und die Identifizierung von Fehlkonfigurationen oder Lecks sensibler Informationen über verteilte Umgebungen hinweg.
Distributes security tasks across multiple computing nodes to increase scanning speed and performance.