Stars
External Secrets Operator reads information from a third-party service like AWS Secrets Manager and automatically injects the values as Kubernetes Secrets.
API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities
Popular Pentesting scanner in Python3.6 for SQLi/XSS/LFI/RFI and other Vulns
A curated list of awesome Go linters. More than 60 linters and tools!
A curated list of resources for learning about application security
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
A service that analyzes docker images and scans for vulnerabilities
Garbage collector for Docker Swarm / Автоматическая сборка мусора для Docker и Docker Swarm
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
a collection of scripts for MikroTik RouterOS
Phan is a static analyzer for PHP. Phan prefers to avoid false-positives and attempts to prove incorrectness rather than correctness.
A simple framework for sending test payloads for known web CVEs.
Encoder to bypass WAF filters using XOR operations.
This will assist you in the finding of potentially vulnerable PHP code. Each type of grep command is categorized in the type of vulnerabilities you generally find with that function.
grep rough audit - source code auditing tool
PHPStan rules for detecting usage of deprecated classes, methods, properties, constants and traits.
Automated security testing using gherkin syntax and behaviour driven test cases
🔐 Security advisories as a simple composer exclusion list, updated daily
Audit your PHP version for known CVEs and patches
Visual Studio Team Services build/release task for running OWASP ZAP automated security tests
Fast and easy script to manage pentesting training apps