Other
Other types of tools you may be interested in...
Last updated
Was this helpful?
Other types of tools you may be interested in...
Last updated
Was this helpful?
Bytedance (): an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless.
(): a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.
Chef (): an open-source testing framework for infrastructure with a human- and machine-readable language for specifying compliance, security and policy requirements.
ChainGuard (): Wolfi is a community Linux OS designed for the container and cloud-native era.
: fix the Docker and UFW security flaw without disabling iptables.
: the industry leader in automated threat modeling and secure software design.
: makes threat modeling easier for all developers through a standard notation for visualizing system components, data flows, and security boundaries.
: threat modeling that doesn’t scale leaves you vulnerable to attack.
: a modeling tool used to create threat model diagrams as part of a secure development lifecycle.
() (⚠️): an open source project that aims to close the gap between development and security by bringing the threat modelling process further into the development process.
Apps:
(): a wrapper around all package managers with lots of features.
Anchore : CLI tool and library for generating a Software Bill of Materials from container images and filesystem.
(): the firmware security analyzer.
(): platform Security Assessment Framework.
: Find, locate, and query files for ops and security experts.
INE (Windows): a windows log analysis framework that allows a threat hunter to find the common threats on the machine quickly. This tool also helps a threat hunter to detect APT movements.
: analyse suspicious files, domains, IPs and URLs to detect malware and other breaches, automatically share them with the security community.
(⚠️): serverless, Real-time & Retroactive Malware Detection.
: project is created to automate information gathering, vulnerability scanning and eventually generating a report for networks, including services, bugs, vulnerabilities, misconfigurations, and other information.
: a Workflow Engine for Offensive Security Designed to build a foundation with the capability and flexibility that allow you to run your reconnaissance system automatically.
: automating situational awareness for cloud penetration tests.
(): for basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon.
(Chinese): a mobile (Android, iOS, WEB, H5, static website) information collection and scanning tool suitable for HW action/red team/penetration testing team scenarios.
Rhino Security Lab - : Open Source AWS Exploitation Framework.
: a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities.
(): helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
: exploitation Framework for Embedded Devices.
(): advanced vulnerability scanning with Nmap NSE.
(): official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty.