Security Auditing
Showing 25 of 25 projects
A security auditing and hardening tool for UNIX-based systems, performing in-depth scans and compliance testing.
A rogue Access Point framework for conducting Wi-Fi security testing and phishing attacks during red team engagements.
An advanced offline password cracker supporting hundreds of hash and cipher types across multiple platforms.
A free and open-source network discovery and security auditing tool for mapping networks and identifying services.
A Python tool for fast subdomain enumeration using OSINT and bruteforce, designed for penetration testers and bug hunters.
A general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities.
An open-source multi-cloud security auditing tool that assesses cloud environment security posture via provider APIs.
A high-quality, commented Sysmon configuration template for Windows system monitoring and incident investigation.
A security testing toolkit for exploiting printer languages (PostScript, PJL, PCL) to capture/manipulate print jobs, access filesystems, and cause physical damage.
A security auditing tool for SSH server and client configurations, analyzing algorithms, vulnerabilities, and policy compliance.
A multi-threaded Python brute-forcing tool with a modular design for reliable and flexible password guessing attacks.
An Nmap NSE script that transforms nmap into a vulnerability scanner using offline vulnerability databases.
A weaponized PHP web shell for post-exploitation with over 30 modules for remote administration, auditing, and network pivoting.
Nmap NSE script that uses Vulners.com API to detect software vulnerabilities during network scans.
An automated Python tool for auditing and exploiting NoSQL database vulnerabilities and web application injection attacks.
A free Mac OS X computer forensics tool that parses system artifacts, extracts user data, and verifies file reputation.
A comprehensive suite for man-in-the-middle attacks, featuring live connection sniffing, content filtering, and protocol dissection.
A PowerShell toolkit for attacking, auditing, and securing Microsoft SQL Server environments during penetration tests.
A SpotBugs plugin for detecting security vulnerabilities in Java web and Android applications.
A graphical tool for custom wordlist generation using human password paradigms, with output for Hashcat and John the Ripper.
A transparent SSH and telnet bastion server that simplifies secure access management without requiring client-side configuration.
A Perl toolkit for ripping web-accessible version control repositories (Git, SVN, Mercurial, Bazaar, CVS) even when directory browsing is disabled.
A penetration testing tool that intercepts SSH connections to log plaintext passwords and full sessions.
A grep-based source code auditing tool that finds potential security flaws using signature databases for multiple programming languages.
A cargo plugin that detects and reports usage of unsafe Rust code in crates and their dependencies.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.