30 open-source projects similar to sorkila/lockpaw, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Lockpaw alternative.
:link: Link-Layer MAC spoofing GUI for macOS
Automatically audit your Mac for basic security hygiene.
Nikto is an open-source HTTP security auditing tool and web server vulnerability scanner. It functions as a reconnaissance engine designed to identify insecure server options, outdated software, and common vulnerabilities by analyzing HTTP responses. The project differentiates itself through capabilities for intrusion detection evasion and web server fingerprinting. It uses request-level encoding and timing spacers to bypass security filters and employs signature-based identification to determine specific server software versions and misconfigurations. The scanner covers broad capability are
This project is a comprehensive API security audit checklist and vulnerability audit framework. It provides a structured guide of security countermeasures for designing, testing, and deploying secure APIs across various protocols. The framework includes specialized guides for securing OAuth 2.0 authorization flows, implementing zero trust networking for service-to-service communication, and protecting GraphQL endpoints from resource exhaustion and information leakage. It also provides standards for integrating static analysis, dynamic scanning, and secret detection into CI/CD delivery pipelin
Visually explore all running tasks (processes) ....viewing its signature status, loaded dylibs, open files, network connection, and much more.
Use your phone's fingerprint to authenticate on any Mac — sudo, screensaver, App Store. No $199 Magic Keyboard needed. Works with iPhone, Android, Apple Watch, Wear OS, or any browser. Ready for MacBook Neo.
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
A curated list of annual cyber security reports
A curated list of awesome things related to Suricata
This project serves as a comprehensive cybersecurity training platform and resource repository focused on web application security. It functions as a centralized hub for security practitioners, providing both a curated collection of technical documentation and research, and a system for deploying isolated, containerized environments to practice security analysis and exploitation techniques. The platform distinguishes itself by integrating automated data aggregation with hands-on, container-based orchestration. It maintains a current knowledge base of industry research and digital threats whil
OverSight monitors a mac's mic and webcam, alerting the user when the internal mic is activated, or whenever a process accesses the webcam.
Amass is an attack surface management tool designed to identify, map, and inventory an organization's internet-facing digital assets. It functions as a security asset discovery engine that systematically expands an organization's known infrastructure footprint through recursive domain name resolution and the collection of intelligence from diverse public data sources. The platform distinguishes itself by utilizing a graph-based modeling approach to organize discovered resources. By maintaining a persistent graph database, it tracks the relationships between infrastructure components and norma
In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains:
Patch-level verification for Bundler
Hacker101 is a cybersecurity education platform and web security training portal. It serves as a structured collection of lessons and resources designed to teach students about vulnerability research and penetration testing through guided modules. The platform operates as a static site generator and markdown-based content manager. It uses plain text files with structured metadata to define the hierarchy and properties of educational lessons, transforming this content into pre-rendered HTML files for delivery. The curriculum covers a broad domain of security education, including specialized c
Sherlock is a command-line automation tool designed to orchestrate software build, execution, and deployment workflows. It functions as an ephemeral runtime orchestrator that executes applications directly from source code, bypassing the need for persistent system-wide installations or manual dependency management. By providing a unified, containerized development environment, it ensures that application dependencies and infrastructure configurations remain consistent across diverse host operating systems. The project distinguishes itself through its ability to synthesize container images dec
Security auditing tool for AWS environments
Easily configure macOS security settings from the terminal.
macOS vulnerability management for individuals
Anti-forensic macOS tray application designed to safeguard your system by monitoring USB ports.
LuLu is an open-source application firewall designed for macOS that monitors and controls outgoing network traffic. It functions by intercepting connection attempts at the system level, allowing users to approve or deny network access for individual programs to prevent unauthorized data transmission. The software provides granular control over application-level communication, ensuring that only trusted or explicitly permitted software can establish external connections. By maintaining stateful tracking of network flows and validating the cryptographic signatures of requesting binaries, it pro
Ghidra is a software reverse engineering suite designed to analyze compiled binaries and reconstruct program logic without access to original source code. It provides an interactive environment for disassembly and decompilation, utilizing a platform-independent intermediate representation to maintain consistency across diverse hardware architectures. The framework supports automated binary analysis through programmatic routines, enabling the investigation of complex code patterns and security indicators. The platform distinguishes itself through a modular architecture that allows for extensiv
BlockBlock provides continual protection by monitoring persistence locations.
View all modules on that are loaded in the OS kernel
This project is an automated security testing suite designed to detect and exploit database vulnerabilities. It functions as a command-line utility that streamlines the identification, verification, and exploitation of web application flaws by automating the injection of malicious payloads into input parameters. The tool provides a comprehensive framework for database enumeration, allowing users to extract schema information, user data, and system configurations from identified injection points. What distinguishes this tool is its sophisticated engine for dynamic payload adaptation and heuris
WhatsYourSign adds a menu item to Finder.app. Simply right-, or control-click on any file to display its cryptographic signing information!
Manages application of security headers with many safe defaults