Other

Other types of tools you may be interested in...

Workloads

  • Bytedance Elkeid (web): an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless.

Infrastructure

  • Suricata (web): a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

  • Chef Inspec (web): an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements.

Containers

  • ChainGuard Wolfi (web): Wolfi is a community Linux OS designed for the container and cloud-native era.

  • ufw-docker: fix the Docker and UFW security flaw without disabling iptables.

Threat Modelling

  • IriusRisk: the industry leader in automated threat modeling and secure software design.

  • Microsoft Threat Modelling Tool: makes threat modeling easier for all developers through a standard notation for visualizing system components, data flows, and security boundaries.

  • SecurityCompass: threat modeling that doesn’t scale leaves you vulnerable to attack.

  • OWASP Threat Dragon: a modeling tool used to create threat model diagrams as part of a secure development lifecycle.

  • Threatspec (web) (⚠️): an open source project that aims to close the gap between development and security by bringing the threat modelling process further into the development process.

SBOM

Packages

Containers

  • Anchore syft: CLI tool and library for generating a Software Bill of Materials from container images and filesystems.

Firmware

  • EMBA (web): the firmware security analyzer.

  • chipsec (web): platform Security Assessment Framework.

Threat Hunting

  • Recon: Find, locate, and query files for ops and security experts.

  • INE ThreatSeeker (Windows): a Windows log analysis framework that allows a threat hunter to quickly find the common threats on the machine. This tool also helps a threat hunter detect APT movements.

Malware detection

Pentesting / Forensics 😈

  • OWASP Nettacker: a project created to automate information gathering and vulnerability scanning, and eventually to generate a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information.

  • Osmedeus: a workflow engine for offensive security, designed to build a foundation with the capability and flexibility that allow you to run your reconnaissance system automatically.

  • CloudFox: automating situational awareness for cloud penetration tests.

  • top25-parameter (web): for basic research, the top 25 vulnerability parameters that can be used in automation tools or manual recon.

  • AppInfoScanner (Chinese): a mobile (Android, iOS, WEB, H5, static website) information collection and scanning tool suitable for HW action/red team/penetration testing team scenarios.

  • Rhino Security Labs - Pacu: Open Source AWS Exploitation Framework.

  • reconFTW: a tool designed to perform automated recon on a target domain by running the best set of tools for scanning and finding vulnerabilities.

  • MVT (Mobile Verification Toolkit) (web): helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

  • RouterSploit: exploitation Framework for Embedded Devices.

  • vulscan (Nmap) (web): advanced vulnerability scanning with Nmap NSE.

  • scan4all (web): official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty.
