Search Results for "auditing software"
Sort By:
Showing 94 open source projects for "auditing software"
View related business solutions-
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
Earn up to 16% annual interest with Nexo.Put idle assets to work with competitive interest rates, borrow without selling, and trade with precision. All in one platform. Geographic restrictions, eligibility, and terms apply.
-
1
Laravel Auditing
Record the change log from models in Laravel
This package will help you understand changes in your Eloquent models, by providing information about possible discrepancies and anomalies that could indicate business concerns or suspect activities. Laravel Auditing allows you to keep a history of model changes by simply using a trait. Retrieving the audited data is straightforward, making it possible to display it in various ways. Auditing events provide a simple observer pattern implementation, allowing you to subscribe and listen to the... -
2
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
3
pkg FreeBSD
Package management tool for FreeBSD
pkg is the package management tool for FreeBSD, designed to handle the installation, upgrading, and removal of software packages. It provides a unified interface for managing binary packages, streamlining the process of maintaining software on FreeBSD systems. With features like automatic dependency resolution and package auditing, pkg ensures a reliable and secure package management experience. -
4
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
Auth0 B2B Essentials: SSO, MFA, and RBAC Built InAuth0's B2B Essentials plan gives you everything you need to ship secure multi-tenant apps. Unlimited orgs, enterprise SSO, RBAC, audit log streaming, and higher auth and API limits included. Add on M2M tokens, enterprise MFA, or additional SSO connections as you scale.
-
5
OpenSSH
Win32 port of OpenSSH
OpenSSH is a complete implementation of the SSH protocol (version 2) for secure remote login, command execution and file transfer. It includes a client ssh and server sshd, file transfer utilities scp and sftp as well as tools for key generation (ssh-keygen), run-time key storage (ssh-agent) and a number of supporting programs. This is a port of OpenBSD's OpenSSH to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not... -
6
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability detection, and system hardening. Test that Docker image, or improve the hardening of your deployed web application. ... -
7
FernFlower
Decompiler from Java bytecode to Java, used in IntelliJ IDEA
Fernflower is an open-source Java decompiler originally developed by JetBrains that takes compiled Java bytecode and reconstructs readable source code, helping developers understand, debug, and recover lost Java code from .class files. It works by analyzing the structure of bytecode and inferring higher-level constructs like loops, conditionals, generics, and exception handling to produce Java source that is as close as possible to what a human would have written, making it useful for both... -
8
Spring Data JPA
Simplifies the development of creating a JPA-based data access layer
Spring Data JPA, part of the larger Spring Data family, makes it easy to easily implement JPA-based repositories. This module deals with enhanced support for JPA-based data access layers. It makes it easier to build Spring-powered applications that use data access technologies. Implementing a data access layer of an application has been cumbersome for quite a while. Too much boilerplate code has to be written to execute simple queries as well as perform pagination, and auditing. Spring Data... -
9
NPQ
Install packages with npm or yarn by auditing them
npq is a security-focused package manager that analyzes npm dependencies for potential vulnerabilities before installation. It helps developers ensure the safety of their projects by checking for malicious or outdated packages. -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
11
DeepAudit
AI multi-agent platform for automated code security auditing system
DeepAudit is an open source code security auditing platform that uses a multi-agent architecture to analyze and identify vulnerabilities in software projects. Instead of relying solely on traditional static analysis, it simulates the reasoning process of security experts through coordinated agents responsible for orchestration, reconnaissance, analysis, and verification. DeepAudit performs deep semantic understanding of code, enabling it to detect complex vulnerabilities that span multiple files and business logic layers. ... -
12
RustDesk Server PRO
Some scripts for RustDesk Server Pro are hosted here
This project provides the enterprise-grade backend for RustDesk deployments that need centralized management, stronger policy controls, and advanced operational tooling. It encompasses the components required to broker, relay, and supervise connections while adding administrative layers suitable for regulated or large environments. Organizations can standardize how clients authenticate, how sessions are permitted and audited, and how data paths are routed under diverse network constraints.... -
13
Trail of Bits Skills Marketplace
Trail of Bits Claude Code skills for security research, vulnerability
Trail of Bits Skills Marketplace is a specialized Claude Code skills marketplace built by the security research firm Trail of Bits that focuses on enhancing AI-assisted workflows for vulnerability discovery, testing, and secure development. The repository groups a set of plug-in skills tailored toward static analysis, code auditing, secure defaults detection, and other practices that matter in software security. Users can easily add the marketplace to a Claude Code environment, browse available plugins, and install specific skills for tasks like automatic Semgrep rule creation, entry-point analysis in smart contracts, or insecure defaults detection. This project leverages the agent skills architecture to let AI assistants take on detailed, repeatable security procedures that are typically manual, such as parsing Burp Suite projects or conducting variant analysis across codebases. -
14
Anthropic Cybersecurity Skills
754 structured cybersecurity skills for AI agents
Anthropic Cybersecurity Skills is a collection of structured prompts, tools, and workflows designed to enhance the cybersecurity capabilities of AI systems. It focuses on defining reusable “skills” that guide AI models in performing tasks such as vulnerability analysis, threat detection, and security auditing. The project is intended for experimentation and development of AI-assisted cybersecurity workflows, providing templates that can be adapted to different environments. It emphasizes... -
15
InkOS
Autonomous novel writing CLI AI Agent
InkOS is a multi-agent creative writing system designed to automate the production of long-form narrative content such as novels through coordinated AI workflows. The system organizes multiple specialized agents that collaborate in stages, including drafting, reviewing, editing, and refining text, with optional human checkpoints to ensure quality and coherence. Its architecture reflects a pipeline approach where each agent contributes a specific function, allowing iterative improvement... -
16
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services... -
17
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
react2shell-scanner is a security-oriented tool that bridges modern JavaScript (React) applications and shell scripting by auditing web front-ends for exposed interfaces that could be manipulated or controlled through command execution. It scans React codebases, identifies places where user input interacts with shell-executable contexts, and flags risky patterns that might lead to command injection, unvalidated arguments, or unsafe bindings between UI controls and underlying system actions.... -
18
Deckhouse
Kubernetes platform from Flant
Deckhouse is a Kubernetes platform that allows you to create homogeneous K8s clusters on any infrastructure. It manages clusters comprehensively and “automagically” and provides all necessary modules and add-ons for autoscaling, observability, security, and service mesh implementation. Deckhouse has vanilla Kubernetes under the hood and integrates a balanced set of Open Source tools that have become the industry standard. Out-of-the-box secure configuration of the Kubernetes cluster, least... -
19
gh-ost
GitHub's online schema migrations for MySQL
gh-ost is a triggerless online schema migration solution for MySQL. It is testable and provides pausability, dynamic control/reconfiguration, auditing, and many operational perks. gh-ost produces a light workload on the master throughout the migration, decoupled from the existing workload on the migrated table. It has been designed based on years of experience with existing solutions, and changes the paradigm of table migrations. All existing online-schema-change tools operate in similar... -
20
Capslock
Tool to remap Caps Lock key behavior on Windows systems
Capslock is a command-line tool for analyzing the capabilities of Go packages to reveal what privileged operations their code and dependencies can perform. Rather than detecting vulnerabilities, Capslock focuses on identifying capabilities — permissions implied by calls to sensitive or privileged standard library functions, such as file system access, networking, or process control. By following transitive call graphs, it classifies which security-sensitive operations each package can reach,... -
21
goInception
A MySQL operation and maintenance tool
goInception is a MySQL maintenance tool, which can be used to review, implement, backup, and generate SQL statements for rollback. It parses SQL syntax and returns the result of the review based on custom rules. GoInception extension of the usage of Inception, to specify the remote server by adding annotations before the SQL review, and for distinguishing SQL and review adding special comments at the beginning and the end of SQL. Any MySQL protocol-driven can connect in the same way, but the... -
22
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
23
Certificate Transparency Go
Auditing for TLS certificates (Go code)
certificate-transparency-go is a Go codebase for building and interacting with Certificate Transparency (CT) systems, from low-level parsing to full log operation. It includes forked ASN.1 and X.509 packages tailored to accept and analyze real-world certificates, including pre-certificates that stricter libraries would reject, supporting CT’s role as an ecosystem observatory. A TLS parsing library, CT data types, and multiple client libraries enable access to CT logs over HTTP and DNS, along... -
24
c15t
The Developer-First Cookie Banner
c15t is a developer-first, open-source consent management platform designed to help modern web applications manage user privacy and compliance, especially for things like cookie banners, consent dialogs, and script loading in a way that supports GDPR and other privacy regulations. Rather than relying on heavy third-party scripts or services, it offers a flexible, headless engine that web teams can integrate directly into their front-end and edge stacks with minimal overhead, giving full... -
25
Entity Framework Plus
Entity framework plus extends your DbContext with must-haves features
Entity Framework Plus extends your DbContext with must-haves features, include filter, auditing, caching, query future, batch delete, batch update, and more. Deleting using Entity Framework Core can be very slow if you need to delete hundreds or thousands of entities. Entities are first loaded in the context before being deleted which is very bad for the performance and then, they are deleted one by one which makes the delete operation even worse. EF+ Batch Delete is the most efficient way...
