Skip to content

List of tools for SecDevOps, vulnerability analysis, network scanning

License

Notifications You must be signed in to change notification settings

Myskiv-Ivan/SecTools

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

48 Commits
 
 
 
 
 
 
 
 

Repository files navigation

This repository is a collection of hacker tools, resources, and links for vulnerability analysis. Most tools are UNIX-compliant, free, and open source.

🔭 OSINT:

Open-source intelligence (OSINT) is intelligence collected from publicly available sources.

Localized search engines by country.

Search for all kind of files.


🔨 SecAnalysisTools:

Vulnerability Assessment and Management Systems

Software Category Update Last 6 mouth
Archerysec Vulnerability Assessment and Management ✔️
DefectDojo Vulnerability Assessment and Management ✔️
faraday Vulnerability Assessment and Management ✔️
rengine Vulnerability Assessment and Management, Scanner ✔️

Vulnerability Analysis Software.

Software Category Update Last 6 mouth
hydra Password-cracker ✔️
Vuls Vulnerability Assessment and Management ✔️
Metasploit Exploit Framework ✔️
MobSF Exploit Framework (for Mobile) ✔️
git-secret Cryptography ✔️
truffleHog Secret finding
GitLeaks Secret finding ✔️
RedTeamScripts C# scripts ✔️
knock Subdomain Enumeration
SubDomainsBrute Subdomain Enumeration ✔️
SubDomain3 Subdomain Enumeration ✔️
domained Subdomain Enumeration ✔️
routerslpoit Exploit Framework
BeFF Exploit Framework ✔️

SAST:

Software Analyze Code Update Last 6 mouth
Insider Java, Kotlin, Swift, .NET, C#, Javascript ✔️
Bearer JavaScript/TypeScript, Ruby, PHP, Java (Beta), Go (Beta), Python (Alpha) ✔️
Infer# C# ✔️
SpotBugs Java ✔️
PVS-Studio Multilanguage ✔️
PMD Multilanguage ✔️
PHPvulnhunter PHP
FindSecBug Java web, Andriod, Scala, Kotlin, Groovy ✔️
codechecker C/C++ ✔️
cppcheck C/C++ ✔️
cobra PHP,Java
brakeman Ruby on Rails ✔️
SecCodeScan C#, VB.NET ✔️
Cascade C#
Bandit Python ✔️
LLVM Clang C, Objective-C, C++ and Objective-C++ ✔️
Codemodder Java, Python, fixes non-trivial security issues and other code quality problems ✔️

DAST, IAST:

Software Description Update Last 6 mouth
Snyk Scanner Source Code ✔️
Contrast Application Scanner Framework ✔️
CloudSploit Analyze Cloud Infrastructure ✔️
SonaQube Application Scanner Framework ✔️
WhiteSourceSoft Application Scanner Framework ✔️
PT Application Inspector Application Scanner Framework ✔️

SCA, IAC

SBOM

Scanners:

Software Category Update Last 6 mouth
Tsunami Scanner ✔️
WATOBO Web Scanner ✔️
Osmedeus Scanner ✔️
OneForAll Scanner ✔️
osprey Web Scanner
Xray Web Scanner ✔️
AZScanner Scanner
GroundScan Scanner
BBScan Scanner
AnyScan Scanner
WAScan Web Scanner ✔️
YukiChan Scanner
Poscan Scanner
w3af Web Scanner
sn1per Scanner ✔️
Scanless Scanner ✔️
NoSQLMap NoSQL Scanner ✔️
Nmap Scanner ✔️
NetSparker Scanner ✔️
Wapiti Web Scanner ✔️
Golismero Scanner ✔️
Nexpose Scanner ✔️
Raccoon Scanner
WhatWeb Web Scanner ✔️
Puma Scan Scanner Analysis ✔️
Arachni Web Scanner
Legion Scanner ✔️
Nessus Scanner ✔️
OpenVAS Scanner ✔️
Acuentrix Scanner ✔️
Nikto Web Scanner ✔️
Sqlmap SQL Scanner ✔️
Striker Scanner
Zaproxy Web Scanner ✔️
AutoRecon Scanner ✔️
ScanOval Application Vulnerabilities in XML files ✔️

📂 Vulnerability Database:

Data Description
CVE Common Vulnerabilities and Exposures system provides a reference-method for publicly known information-security vulnerabilities and exposures
Exploitdb The Exploit Database - Exploits, Shellcode, 0days, Remote Exploits, Local Exploits, Web Apps, Vulnerability Reports, Security Articles, Tutorials and more
0day 0day Today is the ultimate database of exploits and vulnerabilities and a great resource for vulnerability researchers and security professionals
NVD NIST NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP)
Vuldb Vulnerability database documenting and explaining security vulnerabilities and exploits
Synk Vulnerability database detailed information and remediation guidance for known vulnerabilities