
syzkaller - syzkaller is an unsupervised, coverage-guided Linux system call fuzzer


syzkaller is an unsupervised coverage-guided Linux kernel fuzzer. The project mailing list is syzkaller@googlegroups.com. You can subscribe to it with a Google account or by sending an email to syzkaller+subscribe@googlegroups.com.

brakeman - A static analysis security vulnerability scanner for Ruby on Rails applications


Brakeman is an open source static analysis tool which checks Ruby on Rails applications for security vulnerabilities. Check out Brakeman Pro if you are looking for a commercially-supported version with a GUI and advanced features.

Gitleaks - Searches full repo history for secrets and keys


Gitleaks audits local and remote repos by running regex checks against all commits.

EnvKey - Protect API keys and credentials, Keep configuration in sync everywhere.


This is EnvKey's cross-platform native application. It supports Mac, Windows, and Linux. EnvKey is an end-to-end encrypted secrets and configuration management tool. It keeps your configuration securely and automatically in sync for all your developers and servers.




unsign - Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed)


Remove code signatures from OSX Mach-O binaries (note: unsigned binaries cannot currently be re-codesign'ed. Patches welcome!)

envkey-node - EnvKey's official Node.js client library


Integrate EnvKey with your Node.js projects to keep API keys, credentials, and other configuration securely and automatically in sync for developers and servers. Generate an ENVKEY in the EnvKey App. Then set ENVKEY=..., either in a gitignored .env file in the root of your project (in development) or in an environment variable (on servers).

envkey-source - Set OS-level shell environment variables with EnvKey


Integrate EnvKey with any language, either in development or on a server, by making your configuration available through the shell as environment variables. envkey-source compiles into a simple static binary with no dependencies, which makes installation a simple matter of fetching the right binary for your platform and putting it in your PATH. An install.sh script is available to simplify this.


npm-lint - A linter for npm & node package.json files with a focus on dependency security


An opinionated but configurable linter for npm & node package.json files with a focus on security. npm-lint is built using TypeScript on top of node 8, as it uses async/await; however, the distribution is compiled and confirmed to work with node >= 6.5.0.

patrol-rules-aws - A set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance


A set of functions implemented using lambda-cfn to monitor an organization's AWS infrastructure for best practices, security and compliance. Part of the Mapbox Patrol security framework. The following functions are included with patrol-rules-aws. Each rule is configurable, and you will be prompted to enter configuration values when deploying the function with lambda-cfn.

forseti-security


A community-driven collection of open source tools to improve the security of your Google Cloud Platform environments. Get Started with Forseti Security.

Mitm - Man in the middle tool


This tool can be used to perform a man-in-the-middle attack using ARP poisoning on two given hosts. Using osdep, a tunnel creation library which is part of the aircrack project, it can set up an interface (mitm0) to which the replayed packets will be written (for easy sniffing).

bag-of-holding - An application to assist in the organization and prioritization of software security activities


The Bag of Holding is an application to assist in the organization and prioritization of software security activities. For information on setting up a development environment, see INSTALL.md.

dirsearch - A Go implementation of dirsearch.


DirSearch takes an input URL (-url parameter) and a wordlist (-wordlist parameter), then performs concurrent HEAD requests using the lines of the wordlist as paths and files, eventually brute-forcing folders and files on a web server. This project is copyleft of Simone Margaritelli and released under the GPL 3 license.

salt-scanner - Linux vulnerability scanner based on Salt Open and Vulners audit API, with Slack notifications and JIRA integration


A Linux vulnerability scanner based on Vulners Audit API and Salt Open, with Slack notifications and JIRA integration. Note: Salt Master and Minion versions should match. Salt-Scanner supports Salt version 2016.11.x. If you are using version 2017.7.x, replace "expr_form" with "tgt_type" in salt-scanner.py.

heralding - Credentials catching honeypot


Sometimes you just want a simple honeypot that collects credentials, nothing more. Heralding is that honeypot! Currently the following protocols are supported: ftp, telnet, ssh, http, https, pop3, pop3s, imap, imaps, smtp and postgresql. You need Python 3.5.0 or higher.

ss-auth - Stupid Simple Authentication


This project contains code which shows how to implement your own user authentication in a Node.js web app with MongoDB. This project is meant to go along with the talk I gave at Twilio Signal 2017. The talk walks you through how authentication works, from the ground up.




