Open-Source Security Tools
Guides to open-source security tooling — what they do and how to deploy them as part of a secure SDLC.
In this category
aaWAF
aaWAF is an open-source Web Application Firewall built in Go that uses semantic analysis to detect and block common web attacks (SQL injection, XSS, file upload…
Above
Above is a Python-based network packet sniffer designed for penetration testers and security engineers to identify vulnerabilities in network protocols and equi…
ARL
ARL is an asset reconnaissance platform designed to discover and catalog internet-facing assets associated with a target organization, including domains, IPs, o…
AI-Infra-Guard
AI-Infra-Guard is an open-source red teaming platform from Tencent that scans AI systems, agents, skills, and LLMs for security vulnerabilities including jailbr…
akto
Akto is an open-source API security platform that discovers APIs, tests them for vulnerabilities, and identifies runtime security issues. It includes 1000+ buil…
Android-Disassembler
Android-Disassembler is a mobile app for reverse-engineering binaries on Android devices, supporting ELF, PE, DEX, and other formats. It uses Capstone for disas…
AngryOxide
AngryOxide is a Rust-based 802.11 wireless penetration testing tool designed to automate WiFi attack workflows and capture EAPOL handshakes for offline cracking…
ansible-role-hardening
Ansible role that automatically hardens Linux servers (AlmaLinux, Debian, Ubuntu) by applying security baselines including SSH configuration, firewall rules, PA…
api-firewall
API Firewall is an open-source, high-performance reverse proxy that validates REST and GraphQL API traffic against OpenAPI and GraphQL schemas. It operates in b…
APKHunt
APKHunt is a static code analysis tool for Android APK files built on the OWASP MASVS security framework. It scans for common security vulnerabilities in mobile…
ApplicationInspector
Application Inspector is a Microsoft-built static analysis tool that scans source code to identify what software does by detecting library calls, APIs, encrypti…
AppVerifier
AppVerifier is an Android app that lets users verify app authenticity by comparing signing certificate hashes. Users can share verification info with others to …
arcjet-js
Arcjet is a TypeScript/JavaScript SDK that protects AI applications and web services from bot attacks, prompt injection, rate limiting abuse, and sensitive data…
ARL
ARL (Asset Reconnaissance Lighthouse) is a Python-based open-source system for discovering and cataloging internet-facing assets associated with a target organi…
ARL-docker
ARL-docker is a containerized deployment wrapper around ARL v2.6.2, a reconnaissance and asset discovery tool for cybersecurity. It packages ARL with ~7,000+ fi…
Artemis
Artemis is a modular Python-based vulnerability scanner developed by CERT Poland that automates security assessment and report generation for web applications. …
articles-translator
A community-driven repository of translated technical articles covering web development, security, JavaScript, and DevOps topics. The project aggregates curated…
athena
Athena OS is an Arch/Nix-based Linux distribution tailored for cybersecurity professionals, penetration testers, and security learners. It bundles security and …
AttackSurfaceAnalyzer
Attack Surface Analyzer is a Microsoft open-source security tool that compares your system's configuration before and after software installation to identify ne…
AutoCVE
AutoCVE is an open-source Python platform that automates CVE discovery in source code using multi-agent AI orchestration. It combines static scanning, source co…
automated-security-helper
ASH is a Python-based orchestration engine that runs multiple open-source security scanners (Bandit, Semgrep, Checkov, etc.) to find vulnerabilities in code, in…
AutorizePro
AutorizePro is a Burp Suite extension for detecting authorization bypass vulnerabilities (IDOR, broken access control) using AI-assisted analysis to reduce fals…
aws-sso-cli
AWS SSO CLI is a Go-based command-line tool that simplifies managing AWS Identity Center credentials for organizations with multiple AWS accounts and roles. It …
badsecrets
BadSecrets is a Python library that detects the use of known or weak cryptographic secrets (like default API keys, machine keys, and signing passwords) across 2…
bandit
Bandit is a static analysis tool that scans Python code for common security issues by parsing the Abstract Syntax Tree (AST) and running security plugins. It is…
Bjorn
Bjorn is a Python-based network scanning and offensive security tool designed to run on Raspberry Pi with an e-Paper display. It autonomously discovers hosts, i…
black-hat-rust
Black Hat Rust is an educational book and code repository teaching offensive security techniques using the Rust programming language. It covers reconnaissance, …
blackarch
BlackArch Linux is an Arch Linux-based penetration testing distribution containing over 2,800 pre-packaged security tools. It is designed for penetration tester…
BLUESPAWN
BLUESPAWN is an open-source Windows EDR and active defense tool built in C++ to help blue teams detect and respond to malware and anomalous activity in real-tim…
bomber
Bomber is a Go-based tool that scans Software Bill of Materials (SBOMs) in CycloneDX, SPDX, or Syft formats to identify security vulnerabilities across multiple…
bundler-audit
bundler-audit is a Ruby gem that scans your project's dependencies for known security vulnerabilities by checking against the ruby-advisory-db. It identifies in…
caddy-waf
Caddy-WAF is a middleware module for the Caddy web server that provides Web Application Firewall capabilities including regex-based rule matching, IP/DNS filter…
Cairn
Cairn is a Python-based AI agent system that solves problems by searching through unknown state spaces, validated first on autonomous penetration testing. It us…
cameradar
Cameradar is a Go-based penetration testing tool that scans networks for RTSP video surveillance cameras and attempts to breach them via dictionary attacks on c…
cargo-auditable
cargo-auditable embeds dependency tree metadata into Rust binaries, enabling post-deployment vulnerability auditing without external tracking. It works transpar…
cariddi
Cariddi is a Go-based web crawler and security scanner designed for reconnaissance and bug bounty work. It takes a list of domains, crawls URLs, and detects exp…
certificates
step-ca is an open-source private certificate authority (CA) built in Go that automates TLS and SSH certificate management for internal infrastructure. It provi…
changeme
changeme is a Python-based default credential scanner that identifies hardcoded and backdoor credentials across multiple protocols (HTTP, SSH, SQL databases, SN…
CheatSheetSeries
OWASP Cheat Sheet Series is a curated reference library of concise security best practices for application developers, maintained by OWASP as a flagship project…
chipsec
CHIPSEC is an open-source framework for assessing the security of PC platforms, including hardware, BIOS/UEFI firmware, and platform components. It provides sec…
community-scripts
Community Scripts is an Apache-2.0 licensed collection of scripting extensions for OWASP ZAP, a web application security testing tool. Users can deploy ready-ma…
container-security-checklist
Container Security Checklist is a curated reference guide documenting security best practices across the container lifecycle—from image building and registry ma…
ContainerSSH
ContainerSSH is an SSH server that dynamically launches containers on Kubernetes or Docker on-demand when users connect. It acts as a bridge between SSH clients…
copacetic
Copacetic is a CLI tool that patches container image vulnerabilities directly without rebuilding entire images. It integrates with vulnerability scanners like T…
cve
CVE is an automated repository that aggregates publicly available CVE proof-of-concepts (PoCs) from multiple sources, organized by year. It uses workflows to ga…
cve-bin-tool
CVE Binary Tool is an open-source Python utility for scanning software binaries and bill-of-materials (SBOM) files against known vulnerabilities from NVD, Red H…
cve-lite-cli
CVE Lite CLI is a terminal-based dependency vulnerability scanner for JavaScript/TypeScript projects that reads your lockfile locally and outputs actionable fix…
cyberbro
Cyberbro is a Python-based open-source application that parses unstructured logs and text to extract indicators of compromise (IoCs)—IPs, domains, hashes, URLs—…
CyberStrike
CyberStrike is an open-source AI agent that automates penetration testing by combining large language models (Claude, GPT, etc.) with offensive security framewo…
dalfox
Dalfox is an open-source XSS scanner written in Rust, designed for automated vulnerability detection across reflected, stored, and DOM-based XSS vectors. It inc…
DeimosC2
DeimosC2 is a deprecated Golang-based command-and-control framework designed for post-exploitation red team operations. The project is no longer maintained and …
dep-scan
dep-scan is an open-source Python tool that identifies known vulnerabilities, license risks, and supply-chain threats in application dependencies and container …
dependency-track
Dependency-Track is an OWASP-backed open-source platform for analyzing software components and identifying supply chain vulnerabilities. It ingests Software Bil…
destroylist
Destroylist is a real-time, crowd-sourced blocklist of 170k+ phishing and scam domains, available in multiple DNS-compatible formats (hosts, dnsmasq, RPZ, etc.)…
dexcalibur
Dexcalibur is an Android reverse engineering platform that automates dynamic instrumentation tasks using Frida. It combines static DEX analysis, runtime method …
django-DefectDojo
DefectDojo is an open-source DevSecOps platform for vulnerability management, risk assessment, and security orchestration. It aggregates findings from multiple …
dockle
Dockle is a container image linter that scans Docker images for security vulnerabilities and best-practice violations, including CIS Benchmarks. It runs as a si…
dotenv
dotenv is a lightweight Node.js module that loads environment variables from a .env file into the application's runtime, supporting the Twelve-Factor App method…
dotenvx
dotenvx is a CLI and Node.js library for managing environment variables with end-to-end encryption, built by the creator of dotenv. It works across platforms an…
dpt-shell
dpt-shell is an open-source Android DEX protection tool that obfuscates method implementations by hollowing out DEX bytecode and reconstructing it at runtime. I…
EDRHunt
EDRHunt is a Windows-focused command-line tool that detects installed endpoint detection and response (EDR) and antivirus software by scanning processes, servic…
ElectricEye
ElectricEye is a Python-based CLI tool for auditing security posture across multiple cloud providers (AWS, GCP, Azure, OCI) and SaaS platforms (ServiceNow, Micr…
emba
EMBA is an open-source firmware security analyzer written in Bash that performs static and dynamic analysis on embedded device firmware to identify vulnerabilit…
eraser
Eraser is a Kubernetes operator that automatically removes unused container images from cluster nodes to free up disk space and reduce attack surface. It integr…
ethereum-lists
Ethereum-lists is a community-maintained repository of curated lists for Ethereum security, including phishing URLs, fake token addresses, and malicious smart c…
evillimiter
Evil Limiter is a Python-based tool for Linux that monitors and throttles bandwidth for devices on a local network using ARP spoofing and traffic shaping, witho…
extract_otp_secrets
Extract_otp_secrets is a Python tool that extracts OTP (one-time password) secrets from QR codes exported by 2FA apps like Google Authenticator. It supports mul…
eyeballer
Eyeballer is a Python-based CNN that automatically classifies web application screenshots into categories like 'Old-Looking Sites', 'Login Pages', 'Webapps', 'C…
fofa_viewer
FOFA Viewer is a JavaFX-based desktop client for querying the FOFA internet search engine. It wraps FOFA's API into a user-friendly interface with multi-tab res…
fridare
Fridare is a Go-based tool for modifying Frida server binaries and iOS plugins across Windows, macOS, Linux, Android, and iOS platforms. It automates obfuscatio…
fscan
Fscan is a Go-based intranet reconnaissance and vulnerability scanning tool designed for automated penetration testing. It performs host discovery, port scannin…
galah
Galah is an LLM-powered web honeypot written in Go that dynamically generates HTTP responses to arbitrary requests using large language models from providers li…
ggshield
ggshield is an open-source CLI tool that detects 500+ types of hardcoded secrets in code before they reach repositories. It integrates as a pre-commit hook, Git…
git-hound
GitHound is a Go-based tool that scans GitHub's public repositories and Gists for exposed API keys, secrets, and credentials using pattern matching and GitHub's…
gitGraber
gitGraber is a Python-based monitoring tool that searches GitHub in real-time for exposed sensitive data (API keys, secrets, credentials) across 31+ services in…
gogo
Gogo is a high-performance, Go-based reconnaissance and vulnerability scanning engine designed for red team operations. It supports flexible port configuration,…
gosec
Gosec is a static security analyzer for Go that scans source code for common vulnerabilities using pattern matching, control flow analysis, and taint tracking. …
goshs
goshs is a single-binary file server written in Go that combines HTTP/S, WebDAV, FTP/SFTP, SMB, and LDAP services with built-in security features like TLS, basi…
gotestwaf
GoTestWAF is an open-source Go tool that simulates API and OWASP attacks (SQL injection, XSS, etc.) to evaluate Web Application Firewalls, API gateways, and sec…
GpgFrontend
GpgFrontend is a cross-platform desktop GUI for OpenPGP encryption and digital signatures. It offers a choice between GnuPG (battle-tested) and Rust rPGP (memor…
grapefruit
Grapefruit is an open-source mobile security testing toolkit for iOS and Android that uses Frida to inspect, hook, and modify running apps through a web interfa…
graudit
graudit is a lightweight static analysis tool that uses grep and pattern-matching signatures to scan source code for potential security vulnerabilities. It supp…
GTFONow
GTFONow is an automated privilege escalation tool for Unix systems that exploits misconfigurations in sudo, setuid/setgid binaries, and capabilities. It is purp…
habu
Habu is a Python-based hacking toolkit designed for security testing and network analysis. It bundles network reconnaissance, ARP manipulation, DNS discovery, c…
haiti
Haiti is a lightweight CLI tool and Ruby library that identifies hash types from input strings. It supports 675+ hash algorithms including modern variants (SHA3…
hardening
A Shell script that hardens Ubuntu servers (22.04 and 24.04) by configuring kernel parameters, disabling unnecessary modules, setting up UFW firewall, and enfor…
horusec
Horusec is an open-source SAST (Static Application Security Testing) tool that scans code across 18 languages using 20 different security analysis engines in a …
HyperDbg
HyperDbg is a free, open-source Windows debugger that operates at the hypervisor level using Intel VT-x and EPT, enabling kernel and user-mode debugging without…
Impost3r
Impost3r is a Linux password-theft tool written in C that captures sudo, SSH, and su credentials by injecting malicious code into shell startup files or PAM mod…
inql
InQL is a Burp Suite extension written in Kotlin that automates GraphQL security testing by generating queries, detecting vulnerabilities, and analyzing schema …
IntelOwl
IntelOwl is an open-source threat intelligence management platform that aggregates data from multiple sources (VirusTotal, AbuseIPDB, etc.) and internal analysi…
interactsh
Interactsh is an open-source out-of-band (OOB) interaction detection tool used to identify vulnerabilities that trigger external interactions. It provides both …
Interlace
Interlace is a Python utility that parallelizes single-threaded command-line tools by distributing targets across multiple threads, supporting CIDR notation, gl…
inventory
Inventory is a curated, automatically-updated dataset of 800+ public bug bounty programs with DNS and web server metadata. It aggregates program data from multi…
jaeles
Jaeles is a Go-based web application security scanner framework designed for automated vulnerability testing. However, the project is archived and no longer mai…
JavaSecLab
JavaSecLab is a Spring Boot-based vulnerable application laboratory designed for learning Java security vulnerabilities through hands-on practice. It provides v…
juice-shop
OWASP Juice Shop is an intentionally vulnerable web application designed for security training, awareness demos, and CTF competitions. It runs on TypeScript/Nod…
keychain
Keychain is a Python-based SSH and GPG agent manager that consolidates multiple agent instances into a single, reusable session per host. It simplifies key mana…
keyshade
Keyshade is a realtime secret and configuration management platform that encrypts sensitive data using public-key cryptography, allowing teams to manage secrets…
kics
KICS is an open-source static analysis tool that scans Infrastructure-as-Code files (Terraform, Kubernetes, Docker, CloudFormation, etc.) to detect security vul…
kingfisher
Kingfisher is an open-source secret scanner built in Rust that detects leaked API keys, tokens, and credentials across code repositories, cloud storage, chat pl…
krane
Krane is a Kubernetes RBAC static analysis and visualization tool that identifies security risks in role-based access control configurations. It provides CLI, d…
KubeHound
KubeHound is a Datadog-maintained tool that automatically maps attack paths within Kubernetes clusters by building an attack graph. It helps security teams visu…
kubernetes-goat
Kubernetes Goat is an intentionally vulnerable Kubernetes cluster environment designed for hands-on security learning and penetration testing practice. It provi…
kubesec
Kubesec is a static analysis tool for scanning Kubernetes manifests and identifying security risks through rule-based scoring. It operates as a CLI tool, Docker…
Ladon
Ladon is a Chinese-language internal network penetration testing scanner written in C# that detects network vulnerabilities, performs credential auditing, and f…
landrun
Landrun is a lightweight Linux sandbox tool that restricts what programs can access on the filesystem and network using kernel-level Landlock security. It requi…
linux-exploit-suggester
Linux Exploit Suggester (LES) is a shell-based auditing tool that scans a Linux system to identify exposure to known kernel privilege escalation exploits and ve…
LuaN1aoAgent
LuaN1aoAgent is an autonomous penetration testing framework using LLMs and causal graph reasoning to simulate expert hacker behavior. It decouples testing into …
mantis
Mantis is a Python-based CLI framework that automates security scanning workflows for asset discovery, reconnaissance, and vulnerability detection. It ingests t…
matano
Matano is an open-source security data lake built on AWS that normalizes and stores security logs from 50+ sources in a structured, queryable format using Apach…
metabigor
Metabigor is an OSINT reconnaissance tool written in Go that performs network discovery, IP enrichment, certificate transparency searches, and related domain di…
MetaRadar
MetaRadar is an Android app that scans, analyzes, and tracks Bluetooth Low Energy (BLE) devices in your environment. It helps users identify which BLE devices b…
Mobile-Security-Framework-MobSF
MobSF is an automated mobile app security testing platform supporting Android, iOS, and Windows. It performs static analysis on binaries (APK, IPA, APPX) and so…
mobsfscan
mobsfscan is a static analysis tool that scans Android and iOS source code (Java, Kotlin, Swift, Objective-C) for insecure patterns. It integrates MobSF securit…
monkey
Infection Monkey is an open-source adversary emulation platform that simulates malware spread across networks to test your security defenses. It comprises an ag…
monkey365
Monkey365 is an open-source PowerShell module that audits Microsoft 365, Azure, and Entra ID for security misconfigurations and compliance gaps. It bundles all …
mutillidae
OWASP Mutillidae II is a deliberately vulnerable PHP web application designed for security training and penetration testing practice. It contains over 40 intent…
my-arsenal-of-aws-security-tools
A curated list of open-source AWS security tools covering defensive measures, offensive testing, auditing, and incident response. It serves as a reference guide…
MyIP
MyIP is a self-hosted web-based toolbox for checking your IP address, geolocation, and running network diagnostics including DNS leak tests, speed tests, WebRTC…
NetExec
NetExec is a command-line tool for executing commands and performing reconnaissance across Windows networks and Active Directory environments. It is the communi…
Nettacker
OWASP Nettacker is an open-source Python framework for automated penetration testing and vulnerability scanning. It performs reconnaissance, port scanning, serv…
nmap-formatter
nmap-formatter is a Go-based CLI tool that converts nmap XML scan results into multiple human-readable formats (HTML, CSV, JSON, Markdown, Graphviz, SQLite, Exc…
nodejsscan
nodejsscan is a static security code scanner (SAST) for Node.js applications that detects common security vulnerabilities. It combines libsast and semgrep engin…
noir
Noir is an OWASP-backed static analysis tool that extracts all API endpoints from your source code, including hidden and deprecated routes. It outputs the disco…
npq
npq is a CLI tool that audits npm packages before installation by checking for known vulnerabilities, suspicious metadata patterns, and supply-chain red flags. …
openappsec
open-appsec is an open-source machine learning-based Web Application Firewall (WAF) that automatically detects and blocks threats against web apps and APIs. It …
openrasp
OpenRASP is an open-source Runtime Application Self-Protection (RASP) solution that hooks into application servers to detect and block attacks at execution time…
OpenSCA-cli
OpenSCA-cli is an open-source software composition analysis tool that scans project dependencies across multiple languages to detect vulnerabilities and verify …
opensquat
openSquat is an open-source Python tool that detects domain look-alikes and cyber squatting threats by monitoring newly registered domains for typosquats, phish…
osv.dev
osv.dev is Google's open-source vulnerability database and triage service that aggregates security vulnerability data from multiple sources (NVD, PyPI, Alpine, …
osv-scanner
OSV-Scanner is an open-source vulnerability scanner built in Go that checks project dependencies against the OSV.dev database to identify known security vulnera…
OWASP-VWAD
OWASP-VWAD is a directory of known vulnerable web applications used for security testing and learning. The repository is being wound down; future work has moved…
medusa
MEDUSA is an AI-first security scanner built in Python that detects 40,000+ security patterns with zero setup required. It specializes in AI/LLM supply-chain at…
PatrowlManager
PatrowlManager is an open-source security operations orchestration platform that aggregates and coordinates security scans, vulnerability detection, and inciden…
pdfrip
PDFRip is a multi-threaded command-line tool written in Rust for cracking password-protected PDF documents using wordlist, brute-force, and structured pattern a…
pentest-ai-agents
pentest-ai-agents is a collection of 50 Claude Code subagents designed to assist with penetration testing tasks by routing requests to specialized AI agents. It…
PentestingEverything
PentestingEverything is an open-source knowledge base and website for penetration testing and application security, covering 23 domains from web and API to mobi…
pipelock
Pipelock is an open-source AI agent firewall that inspects HTTP, WebSocket, MCP, and A2A traffic for secret exfiltration, SSRF, and prompt injection. It sits in…
Powershellisfun
Powershellisfun is a curated collection of PowerShell scripts for Windows administration, Microsoft 365, Active Directory, Intune, and Exchange management. The …
ppfuzz
ppfuzz is a Rust-based command-line tool that automatically scans websites for client-side prototype pollution vulnerabilities. It uses a headless Chromium brow…
privacy.sexy
privacy.sexy is an open-source desktop and web application that automates privacy and security hardening on Windows, macOS, and Linux through curated, reversibl…
privado
Privado is an open-source static code analysis tool that detects how sensitive data flows through your codebase, identifies security vulnerabilities, and genera…
prowler
Prowler is an open-source cloud security platform that automates compliance and security scanning across AWS, Azure, GCP, Kubernetes, and 6+ other cloud provide…
ProxyCat
ProxyCat is a Python-based proxy pool middleware that converts short-lived static proxy IPs into fixed tunnel IPs, enabling persistent proxy services via HTTP/S…
psudohash
Psudohash is a Python-based password mutation generator that creates millions of keyword variants by applying leet substitutions, case changes, padding, and yea…
Qu1cksc0pe
Qu1cksc0pe is a GPL-3.0 licensed, command-line malware analysis tool written primarily in YARA and Python that performs static and dynamic analysis on Windows, …
railsgoat
RailsGoat is an open-source, deliberately vulnerable Rails application maintained by OWASP. It demonstrates real-world security flaws from the OWASP Top 10 and …
raven
Raven is a Python-based CI/CD security analyzer that scans GitHub Actions workflows and stores findings in Neo4j. It helps identify misconfigurations and securi…
reaper
Reaper is a man-in-the-middle HTTPS proxy tool designed for application security testing. It intercepts and logs web traffic to a local database, offering a CLI…
reconftw
reconFTW is a bash-based automated reconnaissance tool that orchestrates subdomain enumeration, vulnerability scanning, OSINT, and web analysis to streamline pe…
reconmap
Reconmap is an open-source penetration testing and vulnerability assessment platform built on JavaScript that helps security teams plan, execute, and report on …
rengine
reNgine is an open-source web application reconnaissance framework that automates subdomain discovery, vulnerability scanning, and recon data organization. It c…
requests-ip-rotator
A Python library that leverages AWS API Gateway to rotate through AWS's IP pool for making requests appear to come from different IP addresses. It's designed to…
Reveil
Reveil is an open-source iOS system and security analysis dashboard built in SwiftUI that replicates the discontinued Unveil app. It provides real-time visibili…
reverse_ssh
Reverse SSH is a Go-based tool that enables SSH-based reverse shells, allowing operators to manage compromised systems through a central server using native SSH…
reversingBits
Reversing Bits is a curated repository of cheatsheets and reference guides for reverse engineering, binary analysis, and assembly programming tools. It covers 4…
ronin
Ronin is a GPL-3.0 Ruby toolkit for security research, penetration testing, and CTF activities. It provides CLI commands and libraries for encoding, decoding, n…
RustScan
RustScan is a high-speed port scanner written in Rust that identifies open ports in seconds. It supports scripting in Python, Lua, and Shell, and can pipe resul…
vet
vet is a Go-based CLI tool for scanning open-source dependencies to detect malicious packages, vulnerabilities, and license compliance issues. It uses SafeDep C…
sast-skills
sast-skills is a collection of AI agent skills that transform LLM coding assistants (Claude, Cursor, etc.) into automated vulnerability scanners. It detects 13 …
scant3r
ScanT3r is a Python-based, module-driven bug bounty automation framework designed to reduce scripting overhead for web penetration testers. It provides pre-buil…
scapy
Scapy is a Python library for building, sending, and analyzing network packets. It replaces or extends the functionality of tools like tcpdump, Wireshark, and n…
scilla
Scilla is a Go-based command-line tool for security reconnaissance that automates DNS enumeration, subdomain discovery, port scanning, and directory fuzzing. It…
SecretScanner
SecretScanner is a Go-based open-source tool that scans container images and file systems to detect hardcoded secrets like passwords, API keys, SSH keys, and to…
security-tools
A collection of Python and Bash security tools designed for CTF competitions, bug bounty hunting, and penetration testing. The project provides scanners, static…
semgrep
Semgrep is an open-source static analysis tool that searches code for bugs and security issues across 30+ languages using pattern matching that resembles source…
shannon
Shannon is an autonomous AI pentester that analyzes your application source code and executes real exploits against running web apps and APIs to identify vulner…
ship-safe
Ship Safe is a CLI security scanner designed for AI-driven development environments. It detects CI/CD misconfigurations, agent permission risks, MCP tool inject…
Slack
Slack is a desktop security toolkit (written in Go with Wails UI) that integrates web scanning, directory enumeration, company intelligence, and space search ca…
sliver
Sliver is an open-source adversary emulation and red team framework built in Go, enabling organizations to conduct security testing with dynamically compiled im…
cli
Step CLI is a command-line tool for managing X.509 certificates, JWT/JOSE tokens, SSH certificates, and OAuth workflows. It works standalone or with step-ca (an…
social-analyzer
Social Analyzer is an OSINT tool that searches for a person's profile across 1000+ social media websites using multiple detection techniques. It provides API, C…
spiderfoot
SpiderFoot is an open-source OSINT automation tool that gathers intelligence from 200+ data sources to map attack surfaces and support threat intelligence workf…
spray
Spray is a high-performance HTTP directory fuzzing and reconnaissance tool written in Go, designed for security testing and red team operations. It offers dicti…
SpringBoot-Scan
SpringBoot-Scan is a Python-based penetration testing framework targeting Spring Boot applications. It scans for sensitive information leakage endpoints and pro…
ssh-mitm
SSH-MITM is a Python-based tool for intercepting and auditing SSH connections in real time. It sits between SSH clients and servers, capturing credentials, mani…
static-analysis
static-analysis is a curated, community-maintained directory of SAST tools and linters across all programming languages and configuration formats. It serves as …
Stowaway
Stowaway is a multi-hop proxy tool written in Go, designed for penetration testers to route external traffic through multiple internal network nodes, bypassing …
super
SPR is an open-source router platform that assigns one WiFi password per device and enforces zero-trust network policies with per-device DNS rules and ad-blocki…
sysmon-modular
sysmon-modular is a community-maintained repository of modular Sysmon configurations for Windows endpoint monitoring and threat detection. It provides pre-gener…
tabby
Tabby is a Java static code analysis tool that converts JAR/WAR/CLASS files into code property graphs stored in Neo4j, enabling automated discovery of gadget ch…
terragoat
TerraGoat is an intentionally vulnerable Terraform repository maintained by Bridgecrew, designed for security training and testing policy-as-code frameworks. It…
threagile
Threagile is an open-source toolkit for agile threat modeling that lets teams define system architecture and assets as YAML files and automatically check them a…
ThreatIngestor
ThreatIngestor is an open-source Python tool that extracts and aggregates indicators of compromise (IOCs) from multiple threat feeds—Twitter, RSS, GitHub, web p…
thug
Thug is a Python-based low-interaction honeyclient that simulates web browser behavior to detect and analyze client-side malware and exploit attempts. It comple…
titus
Titus is a high-performance secrets scanner written in Go that detects leaked credentials, API keys, and tokens across source code, git history, container image…
TokenUniverse
TokenUniverse is a Windows-native desktop application written in Delphi/Pascal that provides advanced UI-based manipulation of Windows access tokens, security p…
trivy
Trivy is an open-source security scanner that detects vulnerabilities, misconfigurations, secrets, and software licenses across containers, Kubernetes, code rep…
trivy-action
trivy-action is a GitHub Action that integrates Aqua Security's Trivy vulnerability scanner into CI/CD pipelines. It scans Docker images, filesystems, repositor…
trivy-operator
Trivy Operator is a Kubernetes-native security toolkit that automatically scans your cluster for vulnerabilities, misconfigurations, exposed secrets, and compli…
trufflehog
TruffleHog is an open-source secrets discovery and validation tool written in Go that scans Git repositories, cloud storage, chat systems, and other sources to …
VAmPI
VAmPI is a deliberately vulnerable REST API built with Flask that includes OWASP Top 10 API vulnerabilities. It is designed for security testing, penetration te…
vapi
vAPI is a self-hosted vulnerable API training application that deliberately implements OWASP API Top 10 security flaws as educational exercises. It's designed f…
VHostScan
VHostScan is a Python-based virtual host discovery tool that identifies subdomains and virtual hosts by performing HTTP/HTTPS scans and reverse lookups. It hand…
vuln-bank
vuln-bank is an intentionally vulnerable banking web application built for security training and penetration testing practice. It simulates real-world banking f…
VulnClaw
VulnClaw is an AI-powered penetration testing CLI tool that automates the full testing workflow—reconnaissance, vulnerability discovery, exploitation, and repor…
vulnerablecode
VulnerableCode is a free, open-source vulnerability database with a web UI and API that tracks known software package vulnerabilities and their affected/fixed v…
vuls
Vuls is an agent-less vulnerability scanner written in Go that detects security issues across Linux, FreeBSD, containers, and other environments. It pulls from …
Web-Cache-Vulnerability-Scanner
Web-Cache-Vulnerability-Scanner (WCVS) is a Go-based CLI tool for detecting web cache poisoning and deception vulnerabilities. It supports 10 poisoning techniqu…
web-check
Web-Check is an open-source OSINT dashboard that analyzes websites to uncover technical details, security configurations, and infrastructure information. It pro…
Whaler
Whaler is a Go utility that reverse-engineers Docker images back into their original Dockerfiles. It extracts layer metadata, detects potential secrets in filen…
WhatWeb
WhatWeb is a Ruby-based web application scanner that identifies websites, technologies, and versions by analyzing HTTP responses and server behavior. It offers …
wifi-deauth
wifi-deauth is a Python-based denial-of-service tool that disconnects all devices from a target WiFi network by sending spoofed deauthentication packets. It ope…
wpprobe
WPProbe is a fast WordPress plugin and theme scanner written in Go that detects installed components via REST API enumeration and HTML parsing, then maps them t…
wrongsecrets
OWASP WrongSecrets is an intentionally vulnerable web application designed to teach secrets management security through hands-on challenges. It contains 67 chal…
wstg
WSTG is an open-source, community-maintained guide published by OWASP that documents comprehensive web application security testing methodologies and best pract…
xalgorix
Xalgorix is a self-hosted AI-powered penetration testing platform that automates security scanning using large language models (LLMs) you control. It combines a…
yaklang
Yaklang is a domain-specific programming language built in Go for cybersecurity work, offering both compiled and interpreted execution through its own virtual m…
zap-extensions
ZAP Extensions is a collection of add-ons for the Zed Attack Proxy (ZAP), an open-source dynamic application security testing (DAST) tool. These extensions expa…
zaproxy
ZAP (Zed Attack Proxy) by Checkmarx is a free, open-source web application security scanner that automatically identifies vulnerabilities during development and…
zerobox
Zerobox is a lightweight process sandbox for Rust, TypeScript, and Python that isolates command execution with fine-grained controls over file access, network, …
ziti
OpenZiti is an open-source zero-trust networking platform that makes network services invisible and accessible only to authenticated, authorized users or worklo…
zizmor
Zizmor is a static analysis tool written in Rust that scans GitHub Actions workflows to identify security vulnerabilities such as template injection, credential…
A software development agency for open-source projects
DEV.co is a software development agency offering custom software development services and web development for companies adopting open-source security tools. Our software developers and web developers evaluate, implement, integrate, customize, and maintain open-source software in production — so your team ships faster with less risk.
Building with open-source security tools?
DEV.co helps companies evaluate, customize, integrate, and deploy open-source software with senior software developers.