Lists (1)
Stars
Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs. Discord https://discord.gg/vv4MH284Hc
An incremental parsing system for programming tools
Vulnerability scanner written in Go which uses the data provided by https://osv.dev
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v…
wapiti-scanner / webappanalyzer
Forked from enthec/webappanalyzerThis project aims to maintain Wappalyzer technologies
Vulnerable API for educational purposes
atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.
OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container …
Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.
Proactive, Open source API security → API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
Automated All-in-One OS Command Injection Exploitation Tool.
Get up and running with Llama 3.3, DeepSeek-R1, Phi-4, Gemma 3, Mistral Small 3.1 and other large language models.
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.
Tool to find metadata and hidden information in the documents.
E-mails, subdomains and names Harvester - OSINT
Brute force subghz fixed codes using flipper zero
TerminatorZ is a highly sophisticated and efficient web security tool that scans for top potential vulnerabilities with known CVEs in your web applications.
This repository contains the scanner component for Greenbone Community Edition.
🕵️♂️ All-in-one OSINT tool for analysing any website
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Convolutional neural network for analyzing pentest screenshots
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects