audit
GDPR compliance auditor for cookie consent. CLI tool to scan websites for GDPR cookie consent compliance.
Open-source CLI that scans any website for GDPR compliance — detects dark patterns, scores 4 regulatory dimensions, and generates ready-to-share HTML reports.
Advanced Kubernetes Architecture Security Tool
This tool reconstructs complex attack paths in a Kubernetes cluster by generating a graph. It uses Neo4j to store objects and their relationships in a database, and NeoDash for visualization. The Cypher query language, much as SQL does for MySQL, lets you query the database and retrieve graphs. It can be used by security auditors to quickly identify attack paths, or by security experts to monitor these paths over time.
Browser-based DevOps audit tools. No backend. No signup. Everything runs client-side.
AdminDroid's Microsoft 365 auditing tool comes with extensive reports on all the Microsoft 365 audit activities in the audit log search. Providing in-depth details on user sign-in activities gives admins a head start in analyzing users' sign-in data. With this Azure AD auditing tool, admins can monitor user logins, user activities, group activities, application activities, etc. Jazz up your Microsoft 365 Azure auditing without wrestling with PowerShell cmdlets like 'Search-UnifiedAuditLog'.
Security auditing CLI for web applications.
VICE is a security auditing CLI tool that finds vulnerabilities in your web applications. It has two modes:
Remote scan: give it a URL. It crawls your site with a real browser, extracts secrets from JS bundles, tests your login for brute force and SQL injection, scans your VPS ports, checks your Supabase RLS, and more. Like an attacker would, but on your own systems.
Local audit: point it at your project directory. It reads your source code, checks your .env files, runs npm audit, analyzes your Supabase migrations for missing RLS, finds SQL injection and XSS in your code, and tells you exactly what to fix.
Health-Check & Audit Tool for Nuxt Modules
A health-check and audit tool for Nuxt modules. nuxt.care helps you discover which modules are actively maintained, Nuxt 4 compatible, and which ones you should avoid.
NIST Certified SCAP 1.2 toolkit. The oscap program is a command line tool that allows users to load, scan, validate, edit, and export SCAP documents.
The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines. We maintain great flexibility and interoperability, reducing costs of performing security audits.
Run a cloud exit assessment on your infrastructure to gain insights into the challenges and constraints of a potential cloud exit.
cloudexit is an open-source tool that empowers cloud engineers to conduct comprehensive cloud exit assessments. It helps identify and evaluate the risks associated with their cloud environment while providing actionable insights into the challenges and constraints of transitioning away from their current cloud provider. By leveraging EscapeCloud Community Edition, organizations can better prepare for a potential cloud exit, ensuring a smoother and more informed decision-making process.
Tool for building Kubernetes attack paths.
KubeHound creates a graph of attack paths in a Kubernetes cluster, allowing you to identify direct and multi-hop routes an attacker is able to take, visually or through complex graph queries.
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
GitDorker is a tool that uses the GitHub Search API and an extensive list of GitHub dorks that I've compiled from various sources to provide an overview of sensitive information stored on GitHub for a given search query.
The primary purpose of GitDorker is to provide the user with a clean and tailored attack surface to begin harvesting sensitive information on GitHub. GitDorker can be used with additional tools such as GitRob or TruffleHog on interesting repos or users discovered by GitDorker to produce the best results.
Claude Code skill that produces a thorough, file-cited tech debt audit of an entire codebase
Your Microsoft Security test automation framework!
Monitor your Microsoft 365 tenant's security configuration using Maester!
Maester is an open source PowerShell-based test automation framework designed to help you monitor and maintain the security configuration of your Microsoft 365 environment.
WebSploit is an open source project for scanning and analysing remote systems.
Kingfisher is a blazingly fast secret-scanning and validation tool built in Rust. It combines Intel's hardware-accelerated Hyperscan regex engine with language-aware parsing via Tree-Sitter, and ships with hundreds of built-in rules to detect, validate, and triage secrets before they ever reach production.
Open-Source Compliance Scanner. Multi-Cloud Compliance Scanner & Evidence Collection.
Scan AWS, Azure, and M365 for SOC2, PCI-DSS, HIPAA, CMMC, and NIST 800-53 compliance. Get audit-ready reports in minutes.
Analyze Azure resources and identify whether they comply with Azure's best practices and recommendations.
Azure Quick Review (azqr) is a powerful command-line interface (CLI) tool that specializes in analyzing Azure resources to ensure compliance with Azure's best practices and recommendations. Its main objective is to offer users a comprehensive overview of their Azure resources, allowing them to easily identify any non-compliant configurations or areas for improvement.
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound access-allowed privileges against the targeted account, resolve the SIDs of the inbound permissions, and present that data to the operator. Additionally, the logging features of pyldapsearch have been integrated with Aced to log the targeted principal's LDAP attributes locally, which can then be parsed by pyldapsearch's companion tool BOFHound to ingest the collected data into BloodHound.
Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.
Talisman is a tool that scans git changesets to ensure that potential secrets or sensitive information do not leave the developer's workstation. It validates the outgoing changeset for things that look suspicious, such as potential SSH keys, authorization tokens, private keys, etc.
AD Miner is an Active Directory audit tool that leverages Cypher queries to crunch data from the BloodHound graph database to uncover security weaknesses.
ADMiner is an Active Directory audit tool that leverages Cypher queries to crunch data from the BloodHound graph database (Neo4j) and gives you a global overview of existing weaknesses through a web-based static report, including detailed listings, dynamic graphs, key indicator history, along with risk ratings.
- AD Miner - Analyse Active Directory (in French) — Emilien Vannier, Jean-Michel Besnard, Tanguy Boisset @ SSTIC.
- Episode #461 on ADMiner with Jean-Michel BESNARD @ NoLimitSecu (in French).
- Not All Paths are Created Equal -- Attackers' Economy (Part 1) @ Riccardo Ancarani - Red Team Adventures.
- Graph theory to assess Active Directory: Smartest vs. Shortest Control Paths @ Jean-Michel BESNARD's LinkedIn.
Active Directory Group Policy Security Analyzer.
A security assessment tool for analyzing Active Directory Group Policy Objects (GPOs) to identify misconfigurations and vulnerabilities.
GPOHunter is a comprehensive tool designed to analyze and identify security misconfigurations in Active Directory Group Policy Objects (GPOs). It automates security checks and provides detailed reports on potential vulnerabilities, helping administrators secure their environments.
Got a GitHub token (PAT, App, OAuth) and want to figure out what permissions it has? This repo solves that by letting you test and validate the different types of GitHub tokens.
DNS Measurement, Troubleshooting and Security Auditing Toolset.
Ever wondered whether your ISP is hijacking your DNS traffic? Ever observed misbehavior in your DNS responses? Ever been redirected to the wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to make sure your DNS is working as you expect.
🔎 Static code analysis engine to find security issues in code. Opengrep, a fork of Semgrep, under the LGPL 2.1 license.
Opengrep is an ultra-fast static analysis tool for searching code patterns with the power of semantic grep. Analyze large code bases at the speed of thought with intuitive pattern matching and customizable rules. Find and fix security vulnerabilities, fast – ship more secure code.
Opengrep supports 30+ languages, including:
Apex · Bash · C · C++ · C# · Clojure · Dart · Dockerfile · Elixir · HTML · Go · Java · JavaScript · JSX · JSON · Julia · Jsonnet · Kotlin · Lisp · Lua · OCaml · PHP · Python · R · Ruby · Rust · Scala · Scheme · Solidity · Swift · Terraform · TypeScript · TSX · YAML · XML · Generic (ERB, Jinja, etc.)
A lightweight web security auditing toolkit. Caido aims to help security professionals and enthusiasts audit web applications with efficiency and ease.
PowerHuntShares is an audit script designed to inventory, analyze, and report excessive privileges configured on Active Directory domains.
PowerHuntShares is a PowerShell tool designed to help cybersecurity teams and penetration testers better identify, understand, attack, and remediate SMB shares in the Active Directory environments they protect.
Security scanner for MCP servers
MCP-Shield scans your installed MCP (Model Context Protocol) servers and detects vulnerabilities like tool poisoning attacks, exfiltration channels and cross-origin escalations.
Bagel is a cross-platform CLI that inspects developer workstations and produces a structured report of security findings. It allows developers to understand their attack surface and what could be of interest to a malicious actor.
PowerShell-Hunter is a growing collection of PowerShell-based threat hunting tools designed to help defenders investigate and detect malicious activity in Windows environments. This project aims to provide security analysts with powerful, flexible tools that leverage PowerShell's native capabilities for threat hunting.
ADRecon is a tool which gathers information about Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
Scans Software Bill of Materials (SBOMs) for security vulnerabilities.
bomber is an application that scans SBOMs for security vulnerabilities.
Open Source Cloud Native Application Protection Platform (CNAPP).
Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit. It uncovers vulnerable software components, exposed secrets and deviations from good security practice. ThreatMapper uses a combination of agent-based inspection and agent-less monitoring to provide the widest possible coverage to detect threats.
An auditing tool for detecting vulnerabilities, powered by advisory databases that follow the OSV specification.
A simple measure of software dependency freshness. It is a single number telling you how up-to-date your dependencies are.
A command line utility to display dependency tree of the installed Python packages.
pipdeptree is a command line utility for displaying the installed Python packages in the form of a dependency tree. It works for packages installed globally on a machine as well as in a virtualenv. Since pip freeze shows all dependencies as a flat list, finding out which are the top-level packages and which packages they depend on requires some effort. It's also tedious to resolve conflicting dependencies that could have been installed because older versions of pip didn't have true dependency resolution. pipdeptree can help here by identifying conflicting dependencies installed in the environment.
Analyze Chrome Extensions for Security.
CRXplorer is a free Chrome extensions analysis tool that combines traditional security scanning with AI-powered insights.
Trail of Bits Claude Code skills for security research, vulnerability detection, and audit workflows.
A Claude Code plugin marketplace from Trail of Bits providing skills to enhance AI-assisted security analysis, testing, and development workflows.
Missing Patch Scanner.
Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system. By default, Vanir pulls up-to-date CVEs from Open Source Vulnerabilities (OSV) together with their corresponding signatures so that users can transparently scan missing patches for an up-to-date list of CVEs.
GLPI vulnerabilities checking tool.
glpwnme is a tool used to check for vulnerabilities on a running instance of GLPI.
grep rough audit - source code auditing tool.
graudit is a simple script and set of signature files that allow you to find potential security flaws in source code using the GNU utility grep. It's comparable to other static analysis applications like RATS, SWAAT and Flawfinder, while keeping the technical requirements to a minimum and being very flexible.
A fast tool to scan for CRLF vulnerabilities, written in Go.
LightBulb is an open source Python framework for auditing web application firewalls.
The missing audit log library. auditor's purpose is to provide an easy and standardized way to collect and persist audit logs.
Application Security Testing Software. Free, lightweight web application security scanning for CI/CD, plus manual tools to start web security testing.
Active Directory Security Assessment. Close Active Directory and Entra ID Security Gaps.
Find and fix security vulnerabilities in AD, now Entra ID, and Okta with Purple Knight, a free AD security vulnerability assessment that helps you uncover hundreds of AD indicators of exposure (IOEs) and compromise (IOCs). Quickly conduct a security assessment of AD—involved in 9 out of 10 cyberattacks.
Open-Source Security Reports, Made Simple.
Secrover is a free and open-source tool that generates clear, professional security audit reports — without paywalls or proprietary SaaS. Just useful insights you can trust and share.
A Burp Extension for GraphQL Security Testing. A security testing tool to facilitate GraphQL technology security auditing efforts.
Securing containers, one scan at a time.
Harbor Guard is a comprehensive container security scanning platform that provides an intuitive web interface for managing and visualizing security assessments of Docker images.
OpenSSF Scorecard assesses open source projects for security risks through a series of automated checks. It was created by OSS developers to help improve the health of critical projects that the community depends on.
You can use it to proactively assess and make informed decisions about accepting security risks within your codebase. You can also use the tool to evaluate other projects and dependencies, and work with maintainers to improve codebases you might want to integrate.
Scorecard is an automated tool that assesses a number of important heuristics ("checks") associated with software security and assigns each check a score of 0-10. You can use these scores to understand specific areas to improve in order to strengthen the security posture of your project. You can also assess the risks that dependencies introduce, and make informed decisions about accepting these risks, evaluating alternative solutions, or working with the maintainers to make improvements.
PostgreSQL Auditing Extension.
The PostgreSQL Audit Extension (or pgaudit) provides detailed session and/or object audit logging via the standard logging facility provided by PostgreSQL. The goal of PostgreSQL Audit is to provide the tools needed to produce the audit logs required to pass certain government, financial, or ISO certification audits.
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
This free tool audits the configuration of an SSH server or client and highlights the areas needing improvement.
Too many admins overlook SSH configuration when setting up new systems. Unfortunately, the defaults for many operating systems are optimized for compatibility, not security.
BTA is an open-source Active Directory security audit framework.
Enumerate Azure RBAC and Microsoft Entra ID permissions for Entra ID groups, service principals, and users.
A security auditor for Tailscale configurations. Scans your tailnet for misconfigurations, overly permissive access controls, and security best practice violations.
The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit. XSRFProbe is an advanced Cross Site Request Forgery (CSRF/XSRF) Audit and Exploitation Toolkit. Equipped with a powerful crawling engine and numerous systematic checks, it is able to detect most cases of CSRF vulnerabilities and their related bypasses, and further generate (maliciously) exploitable proofs of concept for each vulnerability found. For more info on how XSRFProbe works, see XSRFProbe Internals on the wiki.
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.
SploitScan is a powerful and user-friendly tool designed to streamline the process of identifying exploits for known vulnerabilities and their respective exploitation probability. It empowers cybersecurity professionals to swiftly identify, test and apply known exploits. It's particularly valuable for professionals seeking to enhance their security measures or develop robust detection strategies against emerging threats.
Monkey365 is an Open Source security tool that can be used to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews without the significant overhead of learning tool APIs or complex admin panels from the start.
🐍 🔍 GuardDog is a CLI tool to identify malicious PyPI and npm packages.
GuardDog is a CLI tool that identifies malicious PyPI and npm packages or Go modules. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata. GuardDog can be used to scan local or remote PyPI and npm packages or Go modules using any of the available heuristics.
The Package Analysis project analyses the capabilities of packages available on open source repositories. The project looks for behaviors that indicate malicious software:
- What files do they access?
- What addresses do they connect to?
- What commands do they run?