Shannon Lite is a fully autonomous AI pentester for web apps and APIs. 96.15% (100/104 exploits) on a hint-free, source-aware variant of the XBOW benchmark.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

🐚 Python-powered shell. Full-featured, cross-platform and AI-friendly.

✨ Fully autonomous AI Agents system capable of performing complex penetration testing tasks

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

Go security checker

Infection Monkey - An open-source adversary emulation platform

Automated Adversary Emulation Platform

Open Source Vulnerability Management Platform

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

👀👮🐢🔥Performs a privacy & security check of Windows 10

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Security automation content in SCAP, Bash, Ansible, and other formats

Automated Security Testing For REST API's

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

Automation to assess the state of your M365 tenant against CISA's baselines

🕵️ OSINT Tools for gathering information and actions forensics 🕵️

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.

Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.

PentestAgent is an AI agent framework for black-box security testing, supporting bug bounty, red-team, and penetration testing workflows.

Hardening Ubuntu. Systemd edition.

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台，无需编写代码的安全自动化，使用 SOAR 可以让团队工作更加高效

The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

Firmware Analysis and Comparison Tool