Information Security
snallygaster Tool to scan for secret files on HTTP servers. snallygaster is a tool that looks for files accessible on web servers that shouldn’t be public and can pose a security risk. Typical examples...
gosec – Golang Security Checker Inspects source code for security problems by scanning the Go AST. Usage Gosec can be configured to only run a subset of rules, exclude certain file paths, and produce...
ReconFTW ReconFTW automates the entire process of reconnaisance for you. It outperforms the work of subdomain enumeration along with various vulnerability checks and obtaining maximum information about your target. ReconFTW uses a lot of techniques...
kubesec Security risk analysis for Kubernetes resources Changelog v2.11.2 6b6c727 Merge pull request #194 from controlplaneio/vendor_2.11. Download Kubesec is available as a: Docker container image at docker.io/kubesec/kubesec:v2 Linux/MacOS/Win binary (get the latest release) Kubernetes Admission Controller Kubectl plugin Or...
Brakeman Brakeman is an open-source static analysis tool that checks Ruby on Rails applications for security vulnerabilities. It can detect: Possibly unescaped model attributes or parameters in views (Cross-Site Scripting) Bad string interpolation in...
HopLa All the power of PayloadsAllTheThings, without the overhead. This extension adds autocompletion support and useful payloads in Burp Suite to make your intrusion easier. Getting started Installation Download the jar file from the...
What is DalFox Just, XSS Scanning and Parameter Analysis tool. I previously developed XSpear, a Ruby-based XSS tool, and this time, a full change occurred during the process of porting with golang!!! and created it...
Semgrep Semgrep is a command-line tool for offline static analysis. Use pre-built or custom rules to enforce code and security standards in your codebase. You can try it now with our interactive live editor. Semgrep combines the...
HaE – Highlighter and Extractor HaE is used to highlight HTTP requests and extract information from HTTP response messages or request messages. The plugin can custom regular expressions to match HTTP response messages. You can decide for...
nuclei Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use. It is used to send requests across targets based on a template leading to...
Suggested Reading