#Security-audit

Showing 60 of 246 repositories tagged #security-audit, ranked by stars

KeygraphHQ
KeygraphHQ
shannon

Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.

Score
100
★ 45.6k ⑂ 5.3k +155/day
TypeScript
wazuh
wazuh
wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Score
99
★ 16.1k ⑂ 2.4k +4/day
C++
CISOfy
CISOfy
lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Score
100
★ 15.9k ⑂ 1.6k +28/day
Shell
gojue
gojue
ecapture

Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.

Score
100
★ 15.3k ⑂ 1.6k +4/day
C
prowler-cloud
prowler-cloud
prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Score
100
★ 14.1k ⑂ 2.2k +2/day
Python
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
91
★ 12.2k ⑂ 1.2k +1/day
Go
google
google
osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Score
82
★ 10.6k ⑂ 733 +47/day
Go
We5ter
We5ter
Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Score
99
★ 9.0k ⑂ 2.4k +6/day
dependency-check
dependency-check
DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Score
98
★ 7.6k ⑂ 1.4k +9/day
Java
presidentbeef
presidentbeef
brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

Score
98
★ 7.3k ⑂ 772 +1/day
Ruby
infobyte
infobyte
faraday

Open Source Vulnerability Management Platform

Score
91
★ 6.6k ⑂ 1.1k +5/day
Python
charles2gan
charles2gan
GDA-android-reversing-Tool

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extraction, data decryption, and encryption, etc.

Score
97
★ 4.8k ⑂ 568 +1/day
Python
Arachni
Arachni
arachni

Web Application Security Scanner Framework

Score
97
★ 4.0k ⑂ 785 +2/day
Ruby
scipag
scipag
vulscan

Advanced vulnerability scanning with Nmap NSE

Score
93
★ 3.8k ⑂ 696 +2/day
Lua
aquasecurity
aquasecurity
cloudsploit

Cloud Security Posture Management (CSPM)

Score
95
★ 3.8k ⑂ 746 +2/day
JavaScript
ysrc
ysrc
xunfeng

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

Score
77
★ 3.6k ⑂ 1.3k +1/day
Python
codingo
codingo
NoSQLMap

Automated NoSQL database enumeration and web application exploitation tool.

Score
93
★ 3.3k ⑂ 625
Python
goodwithtech
goodwithtech
dockle

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

Score
73
★ 3.3k ⑂ 162 +1/day
Go
techgaun
techgaun
github-dorks

Find leaked secrets via github search

Score
84
★ 3.2k ⑂ 643 +1/day
Python
pwndoc
pwndoc
pwndoc

Pentest Report Generator

Score
96
★ 2.9k ⑂ 511 +4/day
JavaScript
grayddq
grayddq
GScan

本程序旨在为安全应急响应人员对Linux主机排查时提供便利,实现主机侧Checklist的自动全面化检测,根据检测结果自动数据聚合,进行黑客攻击路径溯源。

Score
74
★ 2.8k ⑂ 625 +1/day
Python
rubysec
rubysec
bundler-audit

Patch-level verification for Bundler

Score
95
★ 2.8k ⑂ 247
Ruby
Bearer
Bearer
bearer

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Score
94
★ 2.7k ⑂ 141 +2/day
Go
Syslifters
Syslifters
sysreptor

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Score
94
★ 2.5k ⑂ 279 +5/day
Python
evilsocket
evilsocket
bettercap

DEPRECATED, bettercap developement moved here: https://github.com/bettercap/bettercap

Score
71
★ 2.5k ⑂ 332
kpcyrd
kpcyrd
sn0int

Semi-automatic OSINT framework and package manager

Score
100
★ 2.5k ⑂ 222 +2/day
Rust
find-sec-bugs
find-sec-bugs
find-sec-bugs

The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)

Score
91
★ 2.4k ⑂ 484
Java
m0nad
m0nad
Diamorphine

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)

Score
92
★ 2.4k ⑂ 482 +7/day
C
OWASP
OWASP
masvs

The OWASP MASVS (Mobile Application Security Verification Standard) is the industry standard for mobile app security.

Score
89
★ 2.4k ⑂ 700 +5/day
Python
nfcgate
nfcgate
nfcgate

An NFC research toolkit application for Android

Score
100
★ 2.2k ⑂ 264 +3/day
Java
codingo
codingo
Reconnoitre

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

Score
71
★ 2.2k ⑂ 454 +2/day
Python
vernu
vernu
vps-audit

lightweight, dependency-free bash script for security, performance auditing and infrastructure monitoring of Linux servers.

Score
86
★ 2.2k ⑂ 183 +191/day
Shell
someengineering
someengineering
fixinventory

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

Score
87
★ 2.1k ⑂ 137
Python
MichaelGrafnetter
MichaelGrafnetter
DSInternals

Directory Services Internals (DSInternals) PowerShell Module and Framework

Score
91
★ 2.0k ⑂ 277 +2/day
C#
doyensec
doyensec
inql

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Score
90
★ 1.8k ⑂ 188 +4/day
Kotlin
lirantal
lirantal
npq

safely install npm packages by auditing them pre-install stage

Score
89
★ 1.8k ⑂ 41
JavaScript
wireghoul
wireghoul
graudit

grep rough audit - source code auditing tool

Score
83
★ 1.7k ⑂ 255
Shell
cddmp
cddmp
enum4linux-ng

A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professionals and CTF players.

Score
85
★ 1.6k ⑂ 152 +7/day
Python
w5teams
w5teams
w5

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效

Score
45
★ 1.5k ⑂ 248
Python
ssh-mitm
ssh-mitm
ssh-mitm

SSH-MITM - ssh audits made simple

Score
88
★ 1.5k ⑂ 156 +1/day
Python
felixgr
felixgr
secure-ios-app-dev

Collection of the most common vulnerabilities found in iOS applications

Score
0
★ 1.4k ⑂ 105
eliotsykes
eliotsykes
rails-security-checklist

:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

Score
62
★ 1.4k ⑂ 93
Ruby
pypa
pypa
pip-audit

Audits Python environments, requirements files and dependency trees for known security vulnerabilities, and can automatically fix them

Score
86
★ 1.3k ⑂ 109 +1/day
Python
denji
denji
golang-tls

Simple Golang HTTPS/TLS Examples

Score
45
★ 1.3k ⑂ 159
qdhenry
qdhenry
Claude-Command-Suite

Professional slash commands for Claude Code that provide structured workflows for software development tasks including code review, feature creation, security auditing, and architectural analysis.

Score
100
★ 1.3k ⑂ 152 +2/day
Shell
codingo
codingo
VHostScan

A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, aliases and dynamic default pages.

Score
67
★ 1.3k ⑂ 239 +1/day
Python
freelabz
freelabz
secator

secator - the pentester's swiss knife

Score
87
★ 1.3k ⑂ 133
Python
m4n3dw0lf
m4n3dw0lf
pythem

pentest framework

Score
66
★ 1.2k ⑂ 321
Python
bitquark
bitquark
shortscan

An IIS short filename enumeration tool

Score
60
★ 1.2k ⑂ 115 +2/day
Go
Hackmanit
Hackmanit
Web-Cache-Vulnerability-Scanner

Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

Score
82
★ 1.2k ⑂ 161 +2/day
Go
SecurityFTW
SecurityFTW
cs-suite

Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.

Score
63
★ 1.2k ⑂ 209
Shell
techjacker
techjacker
repo-security-scanner

CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

Score
58
★ 1.2k ⑂ 91
Go
rustsec
rustsec
advisory-db

Security advisory database for Rust crates published through crates.io

Score
90
★ 1.1k ⑂ 498 +1/day
larlarua
larlarua
AutoCVE

Agent-driven automated CVE discovery platform for source code auditing, vulnerability verification, and report generation.

Score
82
★ 1.1k ⑂ 70 +160/day
Python
koutto
koutto
jok3r

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Score
62
★ 1.1k ⑂ 251
HTML
rastating
rastating
wordpress-exploit-framework

A Ruby framework designed to aid in the penetration testing of WordPress systems.

Score
61
★ 1.0k ⑂ 262
Ruby
ohmybahgosh
ohmybahgosh
RockYou2021.txt

RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!

Score
57
★ 1.0k ⑂ 127 +1/day
vchinnipilli
vchinnipilli
kubestriker

A Blazing fast Security Auditing tool for Kubernetes

Score
56
★ 1.0k ⑂ 109
Python
fportantier
fportantier
habu

Hacking Toolkit

Score
64
★ 981 ⑂ 164
Python
DataDog
DataDog
KubeHound

Tool for building Kubernetes attack paths

Score
64
★ 979 ⑂ 65
Go
Related Topics
#security#security-tools#penetration-testing#vulnerability-scanners#hacking#security-automation#vulnerability-detection#security-scanner#pentesting#scanner#security-hardening#linux

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly