Stars
Open Source Cloud Native Application Protection Platform (CNAPP)
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…
Fast passive subdomain enumeration tool.
A python tool to check subdomain takeover vulnerability
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Fast and customizable vulnerability scanner based on simple YAML based DSL.
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
Testing TLS/SSL encryption anywhere on any port
OpenSSF Scorecard - Security health metrics for Open Source
oauth2l ("oauth tool") is a simple CLI for interacting with Google API authentication.
ripgrep recursively searches directories for a regex pattern while respecting your gitignore
OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
🐍 The official Python client library for Google's discovery based APIs.
Per object permissions for Django
Docs: Vulnerability management aggregation of AppSec & OpSec (Tools Listing)
The Google Cloud Developer's Cheat Sheet
An example heroku server implementation for exploiting an XSS in the OWASP Juice Shop
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Web app that provides basic navigation and annotation of ATT&CK matrices