Security Tool
Showing 32 of 32 projects
An open-source penetration testing tool that automates SQL injection detection and database takeover.
A tool for detecting secrets like passwords, API keys, and tokens in git repositories, directories, and stdin.
A fast, automated tool that decrypts encryptions, decodes encodings, and cracks hashes without prior knowledge of the key or cipher.
Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.
Performs in-depth attack surface mapping and external asset discovery using open source intelligence and active reconnaissance.
A fast, passive subdomain enumeration tool for security researchers and penetration testers.
A free, open-source firewall for macOS that monitors and controls outgoing network connections.
A cloud native runtime security tool for Linux that detects abnormal behavior and security threats in real-time.
An SSH tarpit that slowly sends an endless banner to trap and waste attackers' time.
A low-level unprivileged sandboxing tool for Linux that creates container environments without requiring root privileges.
A next-generation web scanner that identifies websites and their technologies using over 1800 plugins with configurable aggression levels.
A tool to scan APK files for URIs, endpoints, secrets, and sensitive data patterns.
An open-source tool that detects capabilities in executable files like malware, identifying behaviors such as backdoor installation or network communication.
An open-source tool that detects capabilities in executable files like malware, identifying behaviors such as backdoor installation or network communication.
A Python tool for generating custom wordlists by profiling users to guess weak passwords during penetration tests.
An automated penetration testing tool that detects and exploits command injection vulnerabilities in web applications.
A penetration testing tool that discovers and accesses RTSP video surveillance cameras through network scanning and dictionary attacks.
A symbolic-execution-based security analysis tool for detecting vulnerabilities in Ethereum and EVM-compatible smart contracts.
An OSINT tool that uses facial recognition to correlate social media profiles across multiple platforms for security professionals.
A library and tool to generate PHP unserialize() payloads for exploiting gadget chains in popular frameworks.
A high-performance DNS brute-force tool for enumerating subdomains during penetration testing.
A Windows tool for extracting metadata and hidden information from documents found on web pages and local files.
A Sigma-based threat hunting and fast forensics timeline generator for Windows event logs, written in Rust.
A secure, self-hostable service for sharing secrets, passwords, and files with end-to-end encryption and one-time URLs.
A command-line information gathering tool for websites, phone numbers, emails, and domains.
A Python tool to dump a git repository from a website, even when directory listing is disabled.
A stealthy command and control framework that persists on webservers via a polymorphic PHP one-liner backdoor.
A fast, multi-protocol credential brute-forcer that parses Nmap, Nessus, and Nexpose output to test credentials across 30+ services.
An SSH server that identifies users by enumerating their public keys and matching them against GitHub's public key dataset.
A network OSINT tool that automates subdomain enumeration, service fingerprinting, and data collection via Shodan and ViewDNS APIs.
A command-line tool that cracks legacy ZIP encryption using Biham and Kocher's known plaintext attack.
Security-focused static analysis tool for Elixir and Phoenix applications, detecting common vulnerabilities.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.