Programming / Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published February 13, 2021 · Last modified June 8, 2022
What is Horusec? Horusec is an open-source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java,...
Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published January 14, 2021 · Last modified September 28, 2024
OpenCVE OpenCVE (formerly known as Saucs) is a platform that alerts you about new vulnerabilities related to the CVE list. How does it work OpenCVE uses the JSON feed provided by the NVD to...
Information Gathering / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis
by do son · Published December 30, 2020
sarenka SARENKA is an Open Source Intelligence (OSINT) tool which helps you obtaining and understanding Attack Surface. The main goal is to gathering infromation from search engines for Internet-connected devices (https://censys.io/, https://www.shodan.io/)....
kubestriker kubestriker performs numerous in-depth checks on kubernetes infra to identify the security misconfigurations and challenges that devops engineers/developers are likely to encounter when using Kubernetes, especially in production and at...
solarflare Credential Dumping Tool for SolarWinds Orion. SolarFlare is a Authentication Audit / Password dumping tool originally designed for Red Team engagements, but can be used to audit the exposure...
Terrascan Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud-native infrastructure. Features 500+ Policies for security best practices Scanning of Terraform 12+ (HCL2) Scanning...
DockerENT DockerENT is an activE ruNtime application security scanning Tool (RAST tool). It is a pluggable framework written in Python. It comes with a CLI application and a clean Web Interface written using StreamLit. DockerENT has been designed...
Programming / Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published October 21, 2020 · Last modified June 23, 2021
Security auditing and static code analysis Aura is a static analysis framework developed as a response to the ever-increasing threat of malicious packages and vulnerable code published on PyPI. Aura...
Whalescan Whalescan is a vulnerability scanner for Windows containers, which performs several benchmark checks, as well as checking for CVEs/vulnerable packages on the container. It also checks the config and...
Information Gathering / Vulnerability Analysis / Web Information Gathering / Web Vulnerability Analysis
by do son · Published September 12, 2020 · Last modified May 1, 2024
uDork uDork is a script written in Python that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications,...
Mobile Sentinel Mobile Sentinel is an Android App that allows you to detect vulnerabilities in deployed LTE and (future) 5G networks. With the current release, Mobile Sentinel focuses on the...
bluing Bluing (formerly bluescan) is a Bluetooth Intelligence Gathering tool written primarily in Python. It can help us snoop on the internal structure of Bluetooth which is a complex protocol or hack Bluetooth devices....
Nessus Map Nessus XML Praser What it does Vulnerability based parsing Service-based parsing Host bases parsing Unsupported OS parsing Generate Executive Summary of scan Export parsed .nessus(s) to JSON file(s)...
intelspy Perform automated network reconnaissance scans to gather network intelligence. IntelSpy is a network intelligence spy tool which performs automated enumeration of network services. It performs live hosts detection scans,...
Information Gathering / Vulnerability Analysis
by do son · Published July 8, 2020 · Last modified July 23, 2020
autoenum Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during CTFs and pen testing environments (i.e. HTB, VulnHub, OSCP)...
Support Securityonline.info site. Thanks!
