#Auditing
Showing 45 of 45 repositories tagged #auditing, ranked by stars
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Multi-Cloud Security Auditing Tool
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
the TCPdump network dissector
本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。
The missing reverse proxy for ssh scp
Agentlens is a trusted agent trading platform. Here, you can quickly find the Agent that meets your needs, and you can also publish your own Agent to turn it into your digital asset. We encourage everyone to transform their areas of expertise into Agents and turn them into digital assets, allowing others to see your unique strengths.
Observations and tips checklist for auditing protocols on multiple chains 🧐
Documentation and scripts to properly enable Windows event logs.
Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.
Security Auditor Utility for GraphQL APIs
The best way to scan for weak ssh passwords on your network
A tiny web auditor with strong opinions.
A curated list of smart contract attack vectors
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.
This repository contains a list of the most popular and widely used tools in web3 security. If you find any tools missing, you can create a pull request and be a contribute the project.
Modern alternative to dirbuster/dirb
For auditing what collaborators, hooks, and deploy keys you have added on all your GitHub repositories.
Run a security scan on your server and identify common gaps. Get your VPS ready for production.
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Python implementation of Benford's Law tests.
The first Claude skill for writing production-grade, security-first Solana programs. Anchor & Native Rust. Built by Frank Castle.
Provides various Windows Server Active Directory (AD) security-focused reports.
tooling to make audited kubectl exec easy
🐒 A service registry for humans
Kubernetes audit logging, when you don't control the control plane
INTERCEPT / Policy as Code Auditing
All-in-one collection of tools to run linting, validation, static code analysis, security scanning, tests, auditing, kustomize build, and dry run configuration for Kubernetes Manifests.
Audit Log management system for any application. Cloud-native, developer-friendly and open-source.
Find secrets in git repositories with TruffleHog & Gitleaks
Scout is an extensible open-source tool intended to assist smart contract developers and auditors detect common security issues and deviations from best practices. Scout audit is the core development on which we extend scout for specific blockchains.
An AST-free, LLM-free heuristic knowledge graph engine for deep repository intelligence. Map, secure, and modernize enterprise codebases across 50+ languages at extreme velocity
This project was created to assist participants and judges in Code4rena bot races
CyberSec Resources: FRAMEWORKS & STANDARDS; Pentesting Audits & Hacking; PURPLE TEAMING, AD, API, web, clouds, CTF, OSINT, Pentest tools, Network Security, Privilege escalation, Exploiting, Reversing, Secure Code, Bug Bounty, ...
OWASP SAPKiln is a graphical user interface (GUI) tool designed to facilitate securing and auditing SAP systems effectively.
🎯 Launch pentesting commands quickly with arsenal-ng, a modern, streamlined tool in Go, focused on simplicity and speed for developers.
Pentesting Suite Deployer for Raspbian Stretch
Solidity static analyzer you can talk to. MCP integration for Claude Code, Cursor, and Windsurf.
🛡️ CLI toolkit for auditing Solana smart contracts. Includes static analysis, IDL-based fuzzing, plugin system, and multi-format reports.
A compilation of solana security resources.
Per-entry-point, navigable call-graph visualizations of Solidity repositories — for Web3 security auditors.
:penguin: The Linux Simulator
BNB Chain Zero2Hero Bootcamp by Encode Club