udp-hunter: Network assessment tool for various UDP Services
What is UDP Hunter? UDP Scanning has always been a slow and painful exercise, and if you add IPv6 on top of UDP, the tool choices get pretty limited. UDP...
Category: Vulnerability Analysis
checkov v3.1.43 releases: Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes
checkov Checkov is a static code analysis tool for infrastructure-as-code. It scans cloud infrastructure provisioned using Terraform, Cloudformation, or kubernetes and detects security and compliance misconfigurations. Checkov is written in...
boko: Application Hijack Scanner for macOS
boko Application Hijack Scanner for macOS boko.py is an application scanner for macOS that searches for and identifies potential dylib hijacking and weak dylib vulnerabilities for application executables, as well...
ntlm-scanner: tests servers for various known NTLM vulnerabilities
NTLM scanner Checks for various NTLM vulnerabilities over SMB. The script will establish a connection to the target host(s) and send an invalid NTLM authentication. If this is accepted, the...
pulsar v1.0 releases: Network footprint scanner
Pulsar Pulsar is an automated network footprint scanner for Red Teams, Pentesters and Bounty Hunters. It’s focused on the discovery of organization public-facing assets with minimal knowledge about its infrastructure....
Spray-AD: A Cobalt Strike tool to audit Active Directory user accounts
Spray-AD, a Cobalt Strike tool to perform a fast Kerberos password spraying attack against Active Directory. This tool can help Red and Blue teams to audit Active Directory user accounts...
naabu v2.1.9 releases: fast port scanner written in go
naabu naabu is a fast port scanner tool written in Go that allows you to enumerate valid ports for hosts in a fast and reliable manner. It is a really...
nray v2.0 alpha3 releases: distributed port scanner in Go
nray Nray is a free, platform and architecture-independent port and application layer scanner. Apart from regular targets (list of hosts/networks), it supports dynamic target selection, based on sources like certificate...
npq v2.0.14 releases: safely* install packages with npm/yarn by auditing them as part of your install process
npq safely* install packages with npm/yarn by auditing them as part of your install process. npq will perform the following steps to sanity check that the package is safe by employing...
Goby Beta2.2 releases: Attack surface mapping
Goby – Attack surface mapping The new generation of network security technology achieves rapid security emergencies through the establishment of a complete asset database for the target. Scan Asset Scanning...
git-vuln-finder v1.4 releases: Finding potential software vulnerabilities from git commit messages
git-vuln-finder Finding potential software vulnerabilities from git commit messages. The output format is a JSON with the associated commit which could contain a fix regarding a software vulnerability. The search...
Silver 0.1 RC releases: Mass scan IPs for vulnerable services
Silver Mass Vulnerability Scanner masscan is fast, nmap can fingerprint software and vulners is a huge vulnerability database. Silver is a front-end that allows complete utilization of these programs by...
[Blackhat Europe tool] huskyCI: Performing security tests inside your CI
huskyCI – Performing security tests inside your CI huskyCI is an open-source tool that performs security tests inside CI pipelines of multiple projects and centralizes all results into a database...
flan: A pretty sweet vulnerability scanner
Flan Scan is a lightweight network vulnerability scanner. With Flan Scan you can easily find open ports on your network, identify services and their version, and get a list of...
aura: Security auditing and code introspection
AURA – Security Auditing and code introspection The current trend in the development is to use a lot of packages in the development phase, even if they provide only trivial...
