What is Horusec? Horusec is an open-source tool that performs a static code analysis to identify security flaws during the development process. Currently, the languages for analysis are C#, Java, Kotlin, Python, Ruby, Golang,...
sast-scan Scan is a free open-source security tool for modern DevOps teams. With an integrated multi-scanner based design, Scan can detect various kinds of security flaws in your application and infrastructure code in a single...
Smuggler An HTTP Request Smuggling / Desync testing tool written in Python 3. IMPORTANT This tool does not guarantee any false positives or false negatives. Just because a mutation may report OK does not...
gosec – Golang Security Checker Inspects source code for security problems by scanning the Go AST. Usage Gosec can be configured to only run a subset of rules, exclude certain file paths, and produce...
Kube-hunter hunts for security weaknesses in Kubernetes clusters. The tool was developed to increase awareness and visibility for security issues in Kubernetes environments. You should NOT run kube-hunter on a Kubernetes cluster you don’t own!...
PatrOwl PatrOwl is a scalable, free and open-source solution for orchestrating Security Operations. PatrowlEngines is the engine framework and the supported list of engines performing the operations (scans, searches, API calls, …) in due time. The...
Crimson Crimson is a tool that automates some of the Pentester or Bug Bounty Hunter tasks. It uses many open source tools, most of them are available for download from github. It consists of...
shisho Shisho is a lightweight static code analyzer designed for developers and security teams. The key motivation of Shisho is providing a means of Security-as-Code for Code. It allows us to analyze and transform your source...
What is DalFox Just, XSS Scanning and Parameter Analysis tool. I previously developed XSpear, a Ruby-based XSS tool, and this time, a full change occurred during the process of porting with golang!!! and created it...
Salus: Guardian of Code Safety and Security Salus (Security Automation as a Lightweight Universal Scanner), named after the Roman goddess of protection, is a tool for coordinating the execution of security scanners. You can run...
Suggested Reading