Information Security
OpenCVE OpenCVE (formerly known as Saucs) is a platform that alerts you about new vulnerabilities related to the CVE list. How does it work OpenCVE uses the JSON feed provided by the NVD to be synchronized. After an...
opulence: Automation platform for open-source intelligence Collectors are responsible for collecting data across many different OSINT sources List of implemented collectors: Name description badips check if ip is blacklisted. (ex: 91.133.35.36) Censys Gather information...
ReconFTW ReconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities. Features 🔥 Google Dorks (degoogle_hunter) Multiple subdomain...
DNSObserver A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester’s server for out-of-band DNS interactions and sends notifications with the received...
HubbleStack (Hubble for short) is a modular, open-source, security & compliance auditing framework which is built in python, using SaltStack as a library. It provides on-demand profile-based auditing, real-time security event notifications, alerting and...
VulnerableCode VulnerableCode is a free and open database of FOSS software package vulnerabilities and the tools to create and keep the data current. It is made by the FOSS community to improve and secure...
GRAUDIT Graudit is a simple script and signature sets that allow you to find potential security flaws in source code using the GNU utility grep. It’s comparable to other static analysis applications like RATS,...
DefectDojo is an open-source application vulnerability correlation and security orchestration application. It allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities, and push findings into defect...
sast-scan Scan is a free open-source security tool for modern DevOps teams. With an integrated multi-scanner based design, Scan can detect various kinds of security flaws in your application and infrastructure code in a single...
nmapAutomator A script that you can run in the background! Summary The main goal for the nmapAutomator script is to automate all of the processes of recon/enumeration that are run every time and instead...
Suggested Reading