#Security-tools

Showing 60 of 1117 repositories tagged #security-tools, ranked by stars

x64dbg
x64dbg
x64dbg

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Score
100
★ 48.8k ⑂ 2.8k +40/day
C++
KeygraphHQ
KeygraphHQ
shannon

Shannon is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.

Score
100
★ 45.6k ⑂ 5.3k +155/day
TypeScript
aquasecurity
aquasecurity
trivy

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Score
100
★ 36.8k ⑂ 530 +58/day
Go
lissy93
lissy93
web-check

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Score
100
★ 34.1k ⑂ 2.8k +35/day
TypeScript
gitleaks
gitleaks
gitleaks

Find secrets with Gitleaks 🔑

Score
99
★ 28.0k ⑂ 2.1k +49/day
Go
Infisical
Infisical
infisical

Infisical is the open-source platform for secrets, certificates, and privileged access management.

Score
96
★ 27.8k ⑂ 2.1k +19/day
TypeScript
trufflesecurity
trufflesecurity
trufflehog

Find, verify, and analyze leaked credentials

Score
97
★ 27.0k ⑂ 2.5k +5/day
Go
qeeqbox
qeeqbox
social-analyzer

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Score
93
★ 23.4k ⑂ 2.2k +31/day
JavaScript
lissy93
lissy93
personal-security-checklist

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

Score
100
★ 21.8k ⑂ 1.5k +25/day
TypeScript
bee-san
bee-san
RustScan

🤖 The Modern Port Scanner 🤖

Score
100
★ 20.1k ⑂ 1.3k +18/day
Rust
smicallef
smicallef
spiderfoot

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Score
98
★ 19.3k ⑂ 3.2k +37/day
Python
vxcontrol
vxcontrol
pentagi

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

Score
95
★ 18.5k ⑂ 2.5k +414/day
Go
fail2ban
fail2ban
fail2ban

Daemon to ban hosts that cause multiple authentication errors

Score
100
★ 18.1k ⑂ 1.5k +25/day
Python
wazuh
wazuh
wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Score
100
★ 16.1k ⑂ 2.4k +4/day
C++
CISOfy
CISOfy
lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Score
100
★ 15.9k ⑂ 1.6k +28/day
Shell
prowler-cloud
prowler-cloud
prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Score
97
★ 14.1k ⑂ 2.2k +2/day
Python
shadow1ng
shadow1ng
fscan

一款内网综合扫描工具,方便一键自动化、全方位漏扫扫描。(An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning)

Score
93
★ 14.1k ⑂ 1.9k +32/day
Go
secdev
secdev
scapy

Scapy: the Python-based interactive packet manipulation program & library.

Score
95
★ 12.4k ⑂ 2.2k
Python
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
92
★ 12.2k ⑂ 1.2k +1/day
Go
BishopFox
BishopFox
sliver

Adversary Emulation Framework

Score
90
★ 11.5k ⑂ 1.5k +43/day
Go
jason5ng32
jason5ng32
MyIP

The best IP Toolbox. Check your IP address & geolocation, test IP for WebRTC and DNS IP leaks, run an IP quality check, browser fingerprint check, website availability check, network speed test, global latency test, MTR test, Whois search, and more.

Score
99
★ 11.0k ⑂ 1.2k +19/day
Vue
edoardottt
edoardottt
awesome-hacker-search-engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

Score
99
★ 10.9k ⑂ 1.0k +16/day
Shell
google
google
osv-scanner

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Score
89
★ 10.6k ⑂ 733 +47/day
Go
1N3
1N3
Sn1per

Automated penetration testing & attack surface management platform. Recon, scan, exploit, report — 600+ exploits, 90+ integrations, 10K+ detections.

Score
99
★ 10.3k ⑂ 2.1k +16/day
Shell
toniblyx
toniblyx
my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Score
99
★ 9.5k ⑂ 1.6k +2/day
Shell
A-poc
A-poc
RedTeam-Tools

Tools and Techniques for Red Team / Penetration Testing

Score
99
★ 9.4k ⑂ 1.3k +173/day
securego
securego
gosec

Go security checker

Score
88
★ 8.9k ⑂ 700 +4/day
Go
yogeshojha
yogeshojha
rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Score
98
★ 8.7k ⑂ 1.3k +11/day
HTML
smallstep
smallstep
certificates

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Score
86
★ 8.6k ⑂ 566 +12/day
Go
PyCQA
PyCQA
bandit

Bandit is a tool designed to find common security issues in Python code.

Score
92
★ 8.2k ⑂ 792 +9/day
Python
trickest
trickest
cve

Gather and update all available and newest CVEs with their PoC.

Score
99
★ 7.9k ⑂ 976 +7/day
HTML
six2dez
six2dez
reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

Score
99
★ 7.8k ⑂ 1.2k +60/day
Shell
jakejarvis
jakejarvis
awesome-shodan-queries

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

Score
90
★ 7.6k ⑂ 1.0k +14/day
presidentbeef
presidentbeef
brakeman

A static analysis security vulnerability scanner for Ruby on Rails applications

Score
99
★ 7.3k ⑂ 772 +1/day
Ruby
liamg
liamg
traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Score
51
★ 7.1k ⑂ 703
Go
guardicore
guardicore
monkey

Infection Monkey - An open-source adversary emulation platform

Score
66
★ 7.0k ⑂ 818 +2/day
Python
authzed
authzed
spicedb

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

Score
84
★ 6.8k ⑂ 404 +6/day
Go
urbanadventurer
urbanadventurer
WhatWeb

Next generation web scanner

Score
98
★ 6.7k ⑂ 999 +14/day
Ruby
j3ssie
j3ssie
osmedeus

A Modern Orchestration Engine for Security

Score
82
★ 6.5k ⑂ 1.0k +2/day
Go
decalage2
decalage2
awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

Score
98
★ 6.4k ⑂ 670 +37/day
google
google
syzkaller

syzkaller is an unsupervised coverage-guided kernel fuzzer

Score
85
★ 6.3k ⑂ 1.4k
Go
infinition
infinition
Bjorn

Bjorn is a powerful network scanning and offensive security tool for the Raspberry Pi with a 2.13-inch e-Paper HAT. It discovers network targets, identifies open ports, exposed services, and potential vulnerabilities. Bjorn can perform brute force attacks, file stealing, host zombification, and supports custom attack scripts.

Score
85
★ 6.1k ⑂ 358 +11/day
Python
GhostTroops
GhostTroops
scan4all

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

Score
45
★ 6.1k ⑂ 716
Go
zizmorcore
zizmorcore
zizmor

Static analysis for GitHub Actions

Score
96
★ 5.8k ⑂ 222 +21/day
Rust
undergroundwires
undergroundwires
privacy.sexy

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

Score
97
★ 5.8k ⑂ 278 +151/day
TypeScript
ffffffff0x
ffffffff0x
1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Score
89
★ 5.7k ⑂ 1.3k +1/day
C++
Pennyw0rth
Pennyw0rth
NetExec

The Network Execution Tool

Score
89
★ 5.7k ⑂ 728 +6/day
Python
dotenvx
dotenvx
dotenvx

a secure dotenv–from the creator of `dotenv`

Score
100
★ 5.6k ⑂ 146 +11/day
JavaScript
OlivierLaflamme
OlivierLaflamme
Cheatsheet-God

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Score
89
★ 5.6k ⑂ 1.3k +1/day
drk1wi
drk1wi
Modlishka

Modlishka. Reverse Proxy.

Score
81
★ 5.4k ⑂ 948 +9/day
Go
k8gege
k8gege
Ladon

Ladon大型内网渗透扫描器,PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密码读取以及一键GetShell,支持批量A段/B段/C段以及跨网段扫描,支持URL、主机、域名列表扫描等。网络资产探测32种协议(ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP)或方法快速获取目标网络存活主机IP、计算机名、工作组、共享资源、网卡地址、操作系统版本、网站、子域名、中间件、开放服务、路由器、交换机、数据库、打印机等,大量高危漏洞检测模块MS17010、Zimbra、Exchange

Score
87
★ 5.3k ⑂ 881
C#
deepfence
deepfence
ThreatMapper

Open Source Cloud Native Application Protection Platform (CNAPP)

Score
98
★ 5.3k ⑂ 636 +1/day
TypeScript
OWASP
OWASP
Nettacker

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

Score
90
★ 5.3k ⑂ 1.1k +8/day
Python
NullArray
NullArray
AutoSploit

Automated Mass Exploiter

Score
64
★ 5.2k ⑂ 1.2k
Python
tenable
tenable
terrascan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Score
64
★ 5.2k ⑂ 555
Go
Ullaakut
Ullaakut
cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

Score
79
★ 5.1k ⑂ 623 +3/day
Go
Security-Onion-Solutions
Security-Onion-Solutions
securityonion

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

Score
98
★ 4.7k ⑂ 663 +4/day
Shell
urbanadventurer
urbanadventurer
Android-PIN-Bruteforce

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

Score
83
★ 4.7k ⑂ 833 +6/day
Shell
intelowlproject
intelowlproject
IntelOwl

IntelOwl: manage your Threat Intelligence at scale

Score
87
★ 4.6k ⑂ 648 +2/day
Python
skerkour
skerkour
black-hat-rust

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Score
82
★ 4.4k ⑂ 434
Rust
Related Topics
#security#hacking#pentesting#penetration-testing#cybersecurity#python#infosec#golang#osint#pentest#scanner

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly