#Security-automation
Showing 60 of 165 repositories tagged #security-automation, ranked by stars
Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.
Open-source AI penetration testing tool to find and fix your app’s vulnerabilities.
817 structured cybersecurity skills for AI agents · Mapped to 6 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND, NIST AI RMF & MITRE F3 (Fight Fraud) · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 29 security domains · Apache 2.0
Fully autonomous AI Agents system capable of performing complex penetration testing tasks
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
🐚 Python-powered shell. Full-featured, cross-platform and AI-friendly.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
Go security checker
Automated Adversary Emulation Platform
Infection Monkey - An open-source adversary emulation platform
Open Source Vulnerability Management Platform
Open-Source Unified Vulnerability Management, DevSecOps & ASPM
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
👀👮🐢🔥Performs a privacy & security check of Windows 10
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.
Security automation content in SCAP, Bash, Ansible, and other formats
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Automated Security Testing For REST API's
Automation to assess the state of your M365 tenant against CISA's baselines
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.
Turn Claude Code into your offensive security research assistant. Specialized AI subagents for authorized penetration testing plan engagements, analyze recon, research exploits, build detections, audit STIGs, and write reports.
A AI general-purpose state-space search engine, validated first on autonomous penetration testing.
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
Hardening Ubuntu. Systemd edition.
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Firmware Analysis and Comparison Tool
Linting tool for CloudFormation templates
PacBot (Policy as Code Bot)
An IIS short filename enumeration tool
AI-powered offensive security agent with 7,300+ actionable security skills. Autonomous pentesting powered by MITRE ATT&CK (2,000+ Atomic tests), CIS Benchmarks (1,500+ controls), OWASP, NIST. Lazy-loading, zero context pollution. Your AI red team.
LuaN1aoAgent is a cognitive-driven AI hacker. It is a fully autonomous AI penetration testing agent, using dual-graph reasoning.
Automated pentest reporting with custom templates, project tracking, customer dashboard and client management tools. Streamline your security workflows effortlessly!
AI-powered penetration testing assistant for automating recon, note-taking, and vulnerability analysis.
Distributed alerting for the masses!
secureCodeBox (SCB) - continuous secure delivery out of the box
Tool for building Kubernetes attack paths
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
Reconmap is a collaboration-first security operations platform for infosec teams and MSSPs, enabling end‑to‑end engagement management, from reconnaissance through execution and reporting. With built-in command automation, output parsing, and AI‑assisted summaries, it delivers faster, more structured, and high‑quality security assessments.
Security automation with n8n ideas: 100+ Red/Blue/AppSec workflows, integrations, and ready-to-run playbooks.
A command-line tool to get valuable information out of AWS CloudTrail
Make production Rust binaries auditable
Automation and Scaling of Digital Forensics Tools
ASEA developer support has ended, and the ASEA github repo will be marked Archived (read-only) by the end of 2025.
CI/CD Security Analyzer
156 offensive security skills for recon and pentest. Field-validated techniques from 600+ targets across 45+ sectors. Updated with browser fingerprint evasion, anti-bot bypass, hardcoded credential hunting, SCADA/ICS enumeration.
Autonomous AI pentesting engine performing continuous offensive security across web, cloud, AD and Kubernetes. Uses agentic reasoning, real exploit execution and attack path analysis to deliver proof-based vulnerabilities.
Agentic offensive-security in your terminal
Penetration Testing notes, resources and scripts
PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
MCP for Security: A collection of Model Context Protocol servers for popular security tools like SQLMap, FFUF, NMAP, Masscan and more. Integrate security testing and penetration testing into AI workflows.
Protect your secrets using Gitleaks-Action
Pen Test Report Generation and Assessment Collaboration