Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Protect and discover secrets using Gitleaks 🔑

Find, verify, and analyze leaked credentials

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Adversary Emulation Framework

Go security checker

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

syzkaller is an unsupervised coverage-guided kernel fuzzer

A Workflow Engine for Offensive Security

Open Source, Google Zanzibar-inspired database for scalably storing and querying fine-grained authorization data

Modlishka. Reverse Proxy.

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Cameradar hacks its way into RTSP videosurveillance cameras

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

🔓 🔓 Find secrets and passwords in container images and file systems 🔓 🔓

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start