KlamAV - ClamAV for KDE

•    C

KlamAV is an Anti-Virus Manager for the KDE Desktop. Based on the ClamAV scanning engine, it features : 'On Access' Scanning * Manual Scanning * Quarantine Management * Update Management * Mail Scanning (KMail/Evolution) * Virus Browser

Clam AntiVirus

•    C

Clam AntiVirus is an anti-virus toolkit for UNIX, designed especially for e-mail scanning on mail gateways. It provides a number of utilities including a flexible and scalable multi-threaded daemon, a command line scanner and advanced tool for automatic database updates.

paperwork - Personal document manager (Linux/Windows)

•    Python

Paperwork is a personal document manager. It manages scanned documents and PDFs.It's designed to be easy and fast to use. The idea behind Paperwork is "scan & forget": You can just scan a new document and forget about it until the day you need it again.

Loki - Loki - Simple IOC and Incident Response Scanner

•    Python

The Windows binary is compiled with PyInstaller 2.1 and should run as x86 application on both x86 and x64 based systems. Download the latest version of LOKI from the releases section.

better-files - Simple, safe and intuitive Scala I/O

•    Scala

better-files is a dependency-free pragmatic thin Scala wrapper around Java NIO. Although this library is currently only actively developed for Scala 2.11, 2.12 and 2.13, you can find reasonably recent versions of this library for Scala 2.10 here.

awesome-web-hacking - A list of web application security

This list is for anyone wishing to learn about web application security but do not have a starting point. You can help by sending Pull Requests to add more information.

instascan - HTML5 QR code scanner using your webcam

•    Javascript

Real-time webcam-driven HTML5 QR code scanner. Try the live demo. Note: Chrome requires HTTPS when using the WebRTC API. Any pages using this library should be served over HTTPS.

arachni - Web Application Security Scanner Framework

•    Ruby

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.

retire.js - scanner detecting the use of JavaScript libraries with known vulnerabilities

•    Javascript

There is a plethora of JavaScript libraries for use on the Web and in Node.JS apps out there. This greatly simplifies development,but we need to stay up-to-date on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 list of security risks and insecure libraries can pose a huge risk to your Web app. The goal of Retire.js is to help you detect the use of JS-library versions with known vulnerabilities. A Grunt task for running Retire.js as part of your application's build routine, or some other automated workflow.

NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.

•    Python

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases".

Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing

•    Python

A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. This tool is based heavily upon the work made public in Mike Czumak's (T_v3rn1x) OSCP review (link) along with considerable influence and code taken from Re4son's mix-recon (link). Virtual host scanning is originally adapted from teknogeek's work which is heavily influenced by jobertabma's virtual host discovery script (link). Further Virtual Host scanning code has been adapted from a project by Tim Kent and I, available here (link).

Sn1per - Automated Pentest Recon Scanner

•    PHP

Sn1per Community Edition is an automated scanner that can be used during a penetration test to enumerate and scan for vulnerabilities. Sn1per Professional is Xero Security's premium reporting addon for Professional Penetration Testers, Bug Bounty Researchers and Corporate Security teams to manage large environments and pentest scopes. For more information regarding Sn1per Professional, go to https://xerosecurity.com. To obtain a Sn1per Professional license, go to https://xerosecurity.com.

xunfeng - 巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

•    Python

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

routersploit - Exploitation Framework for Embedded Devices

•    Python

The RouterSploit Framework is an open-source exploitation framework dedicated to embedded devices. Update RouterSploit Framework often. The project is under heavy development and new modules are shipped almost every day.

RED_HAWK - All in one tool for Information Gathering, Vulnerability Scanning and Crawling

•    PHP

RED HAWK's CMS Detector currently is able to detect the following CMSs (Content Management Systems) in case the website is using some other CMS, Detector will return could not detect. Want to contribute to RED HAWK or point out something wrong? Just create a new issue here: https://github.com/Tuhinshubhra/RED_HAWK/issues/new I'd love to hear from you.

iniscan - A php.ini scanner for best security practices

•    PHP

The Iniscan is a tool designed to scan the given php.ini file for common security practices and report back results. Currently it is only for use on the command line and reports the results back to the display for both Pass and Fail on each test. The only current dependency is the Symfony console.

Raccoon - A high performance offensive security tool for reconnaissance and vulnerability scanning

•    Python

Raccoon is a tool made for reconnaissance and information gathering with an emphasis on simplicity. It will do everything from fetching DNS records, retrieving WHOIS information, obtaining TLS data, detecting WAF presence and up to threaded dir busting and subdomain enumeration. Every scan outputs to a corresponding file. As most of Raccoon's scans are independent and do not rely on each other's results, it utilizes Python's asyncio to run most scans asynchronously.

signature-base - Signature base for my scanner tools

•    Python

The signature-base repository is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. This signature-base is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICLAR PURPOSE. See the GNU General Public License for more details.

goscan - goscan is a simple and efficient IPv4 network scanner that discovers all active devices on local subnet

•    Go

Goscan must run as root. Goscan work in Linux/Mac using libpcap and on Windows with WinPcap.

XAttacker - X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter

•    Perl

X Attacker Tool ☣ Website Vulnerability Scanner & Auto Exploiter