Displaying 1 to 20 from 67 results

rails-security-checklist - :key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

  •    Ruby

This checklist is limited to Rails security precautions and there are many other aspects of running a Rails app that need to be secured (e.g. up-to-date operating system and other software) that this does not cover. Consult a security expert. One aim for this document is to turn it into a community resource much like the Ruby Style Guide.

bettercap - A complete, modular, portable and easily extensible MITM framework.

  •    Ruby

bettercap is a complete, modular, portable and easily extensible MITM tool and framework with every kind of diagnostic and offensive feature you could need in order to perform a man in the middle attack. All dependencies will be automatically installed through the RubyGems system but in some cases you might need to install some system dependency in order to make everything work.

brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications

  •    Ruby

Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. Check out Brakeman Pro if you are looking for a commercially-supported version with a GUI and advanced features.

arachni - Web Application Security Scanner Framework

  •    Ruby

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications. It is smart, it trains itself by monitoring and learning from the web application's behavior during the scan process and is able to perform meta-analysis using a number of factors in order to correctly assess the trustworthiness of results and intelligently identify (or avoid) false-positives.




NoSQLMap - Automated NoSQL database enumeration and web application exploitation tool.

  •    Python

NoSQLMap is an open source Python tool designed to audit for as well as automate injection attacks and exploit default configuration weaknesses in NoSQL databases and web applications using NoSQL in order to disclose or clone data from the database. Originally authored by @tcsstool and now maintained by @codingo_ NoSQLMap is named as a tribute to Bernardo Damele and Miroslav's Stampar's popular SQL injection tool sqlmap. Its concepts are based on and extensions of Ming Chow's excellent presentation at Defcon 21, "Abusing NoSQL Databases".

Reconnoitre - A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing

  •    Python

A reconnaissance tool made for the OSCP labs to automate information gathering and service enumeration whilst creating a directory structure to store results, findings and exploits used for each host, recommended commands to execute and directory structures for storing loot and flags. This tool is based heavily upon the work made public in Mike Czumak's (T_v3rn1x) OSCP review (link) along with considerable influence and code taken from Re4son's mix-recon (link). Virtual host scanning is originally adapted from teknogeek's work which is heavily influenced by jobertabma's virtual host discovery script (link). Further Virtual Host scanning code has been adapted from a project by Tim Kent and I, available here (link).

vuls - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go

  •    Go

For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to choose not to use the automatic update option provided by package manager and to perform update manually. This leads to the following problems. Vuls is a tool created to solve the problems listed above. It has the following characteristics.


repo-security-scanner - CLI tool that finds secrets accidentally committed to a git repo, eg passwords, private keys

  •    Go

Check the entire history of the current branch for secrets. See example in this repo.

vulscan - Advanced vulnerability scanning with Nmap NSE

  •    Lua

Vulscan is a module which enhances nmap to a vulnerability scanner. The nmap option -sV enables version detection per service which is used to determine potential flaws according to the identified product. The data is looked up in an offline version of VulDB. Just execute vulscan like you would by refering to one of the pre-delivered databases. Feel free to share your own database and vulnerability connection with me, to add it to the official repository.

wordpress-exploit-framework - A Ruby framework designed to aid in the penetration testing of WordPress systems

  •    Ruby

A Ruby framework designed to aid in the penetration testing of WordPress systems. To install the latest stable build, run gem install wpxf.

subfinder - SubFinder is a subdomain discovery tool that discovers valid subdomains for websites

  •    Go

SubFinder is a subdomain discovery tool that discovers valid subdomains for websites by using passive online sources. It has a simple modular architecture and has been aimed as a successor to sublist3r project. SubFinder uses Passive Sources, Search Engines, Pastebins, Internet Archives, etc to find subdomains and then it uses a permutation module inspired by altdns to generate permutations and resolve them quickly using a powerful bruteforcing engine. It can also perform plain bruteforce if needed. The tool is highly customizable, and the code is built with a modular approach in mind making it easy to add functionalities and remove errors. We have designed SubFinder to comply with all passive sources licenses, and usage restrictions, as well as maintained a consistently passive model to make it useful to both penetration testers and bug bounty hunters alike.

dawnscanner - Dawn is a static analysis security scanner for ruby written web applications

  •    Ruby

dawnscanner is a source code scanner designed to review your ruby code for security issues. dawnscanner version 1.6.6 has 235 security checks loaded in its knowledge base. Most of them are CVE bulletins applying to gems or the ruby interpreter itself. There are also some check coming from Owasp Ruby on Rails cheatsheet.

cansina - Web Content Discovery Tool

  •    Python

Cansina is a Web Content Discovery Application. It is well known Web applications don't publish all their resources or public links, so the only way to discover these resources is requesting for them and check the response.

github-dorks - Collection of github dorks and helper tool to automate the process of checking dorks

  •    Python

Github search is quite powerful and useful feature and can be used to search sensitive data on the repositories. Collection of github dorks that can reveal sensitive personal and/or organizational information such as private keys, credentials, authentication tokens, etc. This list is supposed to be useful for assessing security and performing pen-testing of systems. github-dork.py is a simple python tool that can search through your repository or your organization/user repositories. Its not a perfect tool at the moment but provides a basic functionality to automate the search on your repositories against the dorks specified in text file.

scans - AWS security scanning checks

  •    Javascript

CloudSploit scans is an open-source project designed to allow detection of security risks in an AWS account. These scripts are designed to run against an AWS account and return a series of potential misconfigurations and security risks. Ensure that NodeJS is installed. If not, install it from here.