Tags : Browse Projects

Select a tag to browse associated projects and drill deeper into the tag cloud.

OWASP Zed Attack Proxy

Compare

Claimed by Open Web Application Securi... Analyzed 20 days ago

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its ... [More] also a great tool for experienced pentesters to use for manual security testing. [Less]

975K lines of code

38 current contributors

21 days since last commit

39 users on Open Hub

Very High Activity
4.85714
   
I Use This

OpenVAS

Compare

  Analyzed 12 months ago

OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

505K lines of code

10 current contributors

12 months since last commit

13 users on Open Hub

Activity Not Available
4.2
   
I Use This

SIRIOS

Compare

  Analyzed 8 months ago

A incident and advisory system for CERTs (Computer Emergency Response Teams). SIRIOS is based on the OTRS trouble ticket system that enables you to record your complete correspondence (e-mail, telephone etc.) without gaps. Thanks to the different modules of SIRIOS you can process your ... [More] CERT-specific information in a very structured manner (for example Advisories and Incidents). [Less]

48.2K lines of code

0 current contributors

over 4 years since last commit

12 users on Open Hub

Activity Not Available
5.0
 
I Use This

w3af

Compare

  Analyzed 5 months ago

w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Actually w3af has more than 130 plugins, including SQL injection, Cross Site Scripting and unsafe scripts detection.

330K lines of code

5 current contributors

6 months since last commit

9 users on Open Hub

Activity Not Available
4.16667
   
I Use This

Wapiti

Compare

Claimed by Open Web Application Securi... Analyzed 5 months ago

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Wapiti acts like a fuzzer, injecting ... [More] payloads to see if a script is vulnerable. [Less]

9.28K lines of code

0 current contributors

over 2 years since last commit

4 users on Open Hub

Activity Not Available
5.0
 
I Use This

Arachni

Compare

  Analyzed 20 days ago

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

244K lines of code

6 current contributors

21 days since last commit

4 users on Open Hub

High Activity
4.0
   
I Use This
Licenses: No declared licenses

modSIC

Compare

  Analyzed 5 months ago

Modulo's Open Distributed SCAP Infrastructure Collector, or modSIC, makes it easier for security analysts to scan an environment vulnerabilities based on OVAL-Definitions. It's an open-source service specialized in distributed network assessments. This initiative aims at providing a common ... [More] platform for collecting security data, making it easier for solutions to automate policy compliance, audits, risk assessments, and more, using the industry-standard Security Content Automation Protocol (SCAP). [Less]

382K lines of code

3 current contributors

5 months since last commit

2 users on Open Hub

Activity Not Available
5.0
 
I Use This

Lynis

Compare

Claimed by CISOfy Analyzed 10 days ago

Lynis is an auditing tool for systems running Linux, BSD, or other Unix derivatives. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also ... [More] scan for general system information, installed packages, and possible configuration errors. This software assists with automated auditing, compliance audits (PCI DSS, HIPAA, etc), system hardening, software patch management, vulnerability detection, and malware scanning. It can be run without prior installation. Lynis is typically used by system administrators and security professionals. [Less]

16.2K lines of code

47 current contributors

10 days since last commit

2 users on Open Hub

High Activity
5.0
 
I Use This

ThreadFix

Compare

  Analyzed 8 months ago

ThreadFix is a software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. ThreadFix imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and ... [More] applications. The system allows companies to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. By auto generating application firewall rules, this tool allows organizations to continue remediation work uninterrupted. ThreadFix empowers managers with vulnerability trending reports that show progress over time, giving them justification for their efforts. [Less]

241K lines of code

14 current contributors

about 1 year since last commit

2 users on Open Hub

Activity Not Available
4.5
   
I Use This

The Dradis Framework

Compare

  Analyzed 5 months ago

Dradis is an open source framework to enable effective information sharing, specially during security assessments. Our goals: Share the information effectively. Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems. Flexible: with a powerful and simple ... [More] extensions interface. Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS). Some of the features: Platform independent Easy report generation: in Word, HTML, etc. Markup support for the notes: styles, images, links, etc. Integration with existing systems and tools: Burp Scanner, Metasploit, Nessus, NeXpose, Nikto, Nmap, OpenVAS, OSVDB, SureCheck, Vuln::DB, w3af, wXf [Less]

16.6K lines of code

1 current contributors

about 1 year since last commit

2 users on Open Hub

Activity Not Available
4.0
   
I Use This