Tags : Browse Projects

Select a tag to browse associated projects and drill deeper into the tag cloud.

OWASP Zed Attack Proxy

Compare

Claimed by Open Web Application Securi... Analyzed 17 days ago

The OWASP Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its ... [More] also a great tool for experienced pentesters to use for manual security testing. [Less]

967K lines of code

37 current contributors

17 days since last commit

38 users on Open Hub

Very High Activity
4.85714
   

OpenVAS

Compare

  Analyzed 11 months ago

OpenVAS is an open source remote security vulnerability scanner, designed to search for networked devices and computers, discover accessible ports and services, and to test for vulnerabilities on any such ports; plugins allow for further expansion.

505K lines of code

10 current contributors

11 months since last commit

13 users on Open Hub

Activity Not Available
4.2
   

SIRIOS

Compare

  Analyzed 7 months ago

A incident and advisory system for CERTs (Computer Emergency Response Teams). SIRIOS is based on the OTRS trouble ticket system that enables you to record your complete correspondence (e-mail, telephone etc.) without gaps. Thanks to the different modules of SIRIOS you can process your ... [More] CERT-specific information in a very structured manner (for example Advisories and Incidents). [Less]

48.2K lines of code

0 current contributors

over 4 years since last commit

12 users on Open Hub

Activity Not Available
5.0
 

w3af

Compare

  Analyzed 4 months ago

w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Actually w3af has more than 130 plugins, including SQL injection, Cross Site Scripting and unsafe scripts detection.

330K lines of code

5 current contributors

5 months since last commit

9 users on Open Hub

Activity Not Available
4.16667
   

sqlmap

Compare

  Analyzed 4 months ago

sqlmap is an automatic blind SQL injection tool, developed in python, capable to perform an active database management system fingerprint, enumerate entire remote databases and much more. The aim of this project is to implement a fully functional database management system tool which takes ... [More] advantages of web application programming security flaws which lead to SQL injection vulnerabilities. [Less]

64.4K lines of code

18 current contributors

4 months since last commit

6 users on Open Hub

Activity Not Available
5.0
 
Licenses: No declared licenses

Arachni

Compare

  Analyzed 3 months ago

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

233K lines of code

7 current contributors

3 months since last commit

4 users on Open Hub

Activity Not Available
4.0
   
Licenses: No declared licenses

Wapiti

Compare

Claimed by Open Web Application Securi... Analyzed 4 months ago

Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the application but will scan the webpages of the deployed webapp, looking for scripts and forms where it can inject data. Wapiti acts like a fuzzer, injecting ... [More] payloads to see if a script is vulnerable. [Less]

9.28K lines of code

0 current contributors

over 2 years since last commit

4 users on Open Hub

Activity Not Available
5.0
 

The Dradis Framework

Compare

  Analyzed 4 months ago

Dradis is an open source framework to enable effective information sharing, specially during security assessments. Our goals: Share the information effectively. Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems. Flexible: with a powerful and simple ... [More] extensions interface. Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS). Some of the features: Platform independent Easy report generation: in Word, HTML, etc. Markup support for the notes: styles, images, links, etc. Integration with existing systems and tools: Burp Scanner, Metasploit, Nessus, NeXpose, Nikto, Nmap, OpenVAS, OSVDB, SureCheck, Vuln::DB, w3af, wXf [Less]

16.6K lines of code

1 current contributors

12 months since last commit

2 users on Open Hub

Activity Not Available
4.0
   

ThreadFix

Compare

  Analyzed 7 months ago

ThreadFix is a software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. ThreadFix imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and ... [More] applications. The system allows companies to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. By auto generating application firewall rules, this tool allows organizations to continue remediation work uninterrupted. ThreadFix empowers managers with vulnerability trending reports that show progress over time, giving them justification for their efforts. [Less]

241K lines of code

14 current contributors

about 1 year since last commit

2 users on Open Hub

Activity Not Available
4.5
   

WPScan

Compare

  Analyzed 4 months ago

WPScan is a black box WordPress vulnerability scanner.

15K lines of code

8 current contributors

4 months since last commit

2 users on Open Hub

Activity Not Available
5.0