Information Security
DefectDojo is an open-source application vulnerability correlation and security orchestration application. It allows you to manage your application security program, maintain product and application information, schedule scans, triage vulnerabilities, and push findings into defect...
kubei Kubei is a vulnerabilities scanning tool that allows users to get an accurate and immediate risk assessment of their kubernetes clusters. Kubei scans all images that are being used in a Kubernetes cluster,...
Finsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes “copysploit” to copy any exploit-db exploit to the current directory and “compilesploit” to...
WPScan is a black box WordPress vulnerability scanner. Changelog v3.8.5 Minor: Be more informative in CLI output with InterestingFindings – Ref #1510 Better CLI error messages for Path validators Install Requirement Ruby >= 2.2.2 –...
What is a CMS? A content management system (CMS) manages the creation and modification of digital content. It typically supports multiple users in a collaborative environment. Some noteable examples are: WordPress, Joomla, Drupal etc. Functions...
kubesec Security risk analysis for Kubernetes resources Changelog v2.6 da10552 Merge pull request #105 from controlplaneio/dash_stdin f9dfae5 docs: bump readme to include new versions 8f4151d test: add regression test for cli no file scan output 4e192d6 chore: set editorconfig for...
BlackWidow is a python based web application spider to gather subdomains, URL’s, dynamic parameters, email addresses and phone numbers from a target website. This project also includes Inject-X fuzzer to scan dynamic URL’s for...
mitmproxy is an interactive, SSL-capable intercepting proxy with a console interface. mitmdump is the command-line version of mitmproxy. Think tcpdump for HTTP. mitmweb is a web-based interface for mitmproxy. pathoc and pathod are perverse...
BurpCrypto Burpcrypto is a collection of burpsuite encryption plug-ins, supporting AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite). Usage Add this jar to your burpsuite’s Extensions. Switch to the BurpCrypto tab, select you to need the...
Flask Unsign Command-line tool to fetch, decode, brute-force, and craft session cookies of a Flask application by guessing secret keys. For the standalone wordlist component, please visit the flask-unsign-wordlist repository. Changelog v0.1 Fixed issue #4, added...
Suggested Reading