Search Results for "rough auditing tool for security"
Sort By:
Showing 38 open source projects for "rough auditing tool for security"
View related business solutions-
Our Free Plans just got better! | Auth0 by OktaYou asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your secuirty. Auth0 now, thank yourself later.
-
Bright Data - All in One Platform for Proxies and Web ScrapingBright Data offers the highest quality proxies with automated session management, IP rotation, and advanced web unlocking technology. Enjoy reliable, fast performance with easy integration, a user-friendly dashboard, and enterprise-grade scaling. Powered by ethically-sourced residential IPs for seamless web scraping.
-
1
Scout Suite
Multi-cloud security auditing tool
Scout Suite is an open-source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically. Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time... -
2
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services... -
3
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability... -
4
InQL Scanner
A Burp Extension for GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website... -
Engage for Amazon Connect, the Pre-built Contact Center PlatformEngage is a pre-built, intelligent contact center platform that transforms customer service.
-
5
CloudQuery
The open-source cloud asset inventory powered by SQL
CloudQuery extracts, transforms and loads your cloud assets into normalized PostgreSQL tables. CloudQuery enables you to assess, audit, and monitor the configurations of your cloud assets. Use standard SQL to find any asset based on any configuration or relation to other assets. Connect CloudQuery standard PostgreSQL database to your favorite BI/Visualization tool such as Grafana, QuickSight, etc. Codify your security & compliance rules with SQL as the query engine. Integrate CloudQuery... -
6
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard... -
7
mongoaudit
A powerful MongoDB auditing and pentesting tool
mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them... -
8
Linux Security Auditing Tool (LSAT) is a post install security auditing tool. It is modular in design, so new features can be added quickly. It checks many system configurations and local network settings on the system for common security/config errors and for packages that are not needed. It has been tested on Linux (Gentoo, Red Hat and derivatives, Debian, Ubuntu and derivatives, etc.) and Solaris (SunOS 2.x).
-
9
USB Rubber Ducky
A human interface device programmable
The USB Rubber Ducky is a Human Interface Device programmable with a simple scripting language allowing penetration testers to quickly and easily craft and deploy security auditing payloads that mimic human keyboard input. The source is written in C and requires the AVR Studio 5 IDE from atmel.com/avrstudio. Hardware is commercially available. Imagine plugging in a seemingly innocent USB drive into a computer and installing backdoors, exfiltrating documents, or capturing credentials. With a few... -
All-in-One Payroll and HR PlatformWe design our technology to make workforce management easier. APS offers core HR, payroll, benefits administration, attendance, recruiting, employee onboarding, and more.
-
10
JBrute
Open Source Security tool to audit hashed passwords.
JBrute is an open source tool written in Java to audit security and stronghold of stored password for several open source and commercial apps. It is focused to provide multi-platform support and flexible parameters to cover most of the possible password-auditing scenarios. Java Runtime version 1.7 or higher is required for running JBrute. Supported algorithms: MD5 MD4 SHA-256 SHA-512 MD5CRYPT SHA1 ORACLE-10G ORACLE-11G NTLM LM MSSQL-2000 MSSQL-2005 MSSQL-2012 MYSQL-322 MYSQL... -
11
Lynis
System/security auditing tool for hardening and securing Linux/Unix
=== Note: this project has been moved to GitHub === Lynis is a system and security auditing tool for Unix/Linux. It is used by security consultants, auditors and system administrators. This tool performs a security audit of the system and determines how well it is hardened. Any detected security issues will be provided in the form of a suggestion or warning at the end of the audit. Beside security related information it will also scan for general system information, installed packages... -
12
Bastille Linux
This tool locks down Linux and UNIX systems.
Bastille Linux is a Hardening and Reporting/Auditing Program which enhances the security of a Linux box, by configuring daemons, system settings and firewalling. It currently functions on most major Linux distributions and HP-UX. In the past, it has hardened Mac OSX as well. We are working on a code update to modern Linux distributions. -
13
LogSeCA
SIEM based tool supporting audit and security assessment
LogSECA is a tool that lies on the top of SIEM concept and on XDAS OpenGroup standard. It provides the following main capabilities: » secure and reliable retention of audit records for reliability and accountability, even in case of the source of event/log fails or the logs on it are accidentally or intentionally cancelled; » correlation of audit records in order to identify violation of security policies in the different data centres of the cloud infrastructure, which it would... -
14
The sandbox libraries (libsandbox & pysandbox) are an open-source suite of software components for C/C++ and Python developers to create automated profiling tools and watchdog programs. The API's are designed for executing and instrumenting simple (single process) tasks, featuring policy-based behavioral auditing, resource quota, and statistics collecting. The sandbox libraries were originally designed and utilized as the core security module of a full-fledged online judge system for ACM...
-
15
ADC
configuration auditing and security policy compliance
ADC is a tool that helps security administrators to maintain policy compliance of configurations and policies on numerous systems. ADC is similar to OpenAudit or OCS, however ADC is designed to collect arbitrary data (not limited to PC inventory), thus it helps information security experts control configurations and policies on remote servers. -
16
This is a program built on top of Python, Scapy, and Scapy EIGRP to aid in auditing the security of EIGRP implementations. Read the white-paper at https://docs.google.com/document/d/1ZVNwi5KRkbY_PxMoODTvwSh3qpzdqiRM9Q4qppP2DvE/edit?pli=1
-
17
Security Configuration Assistant for Apache, MySQL and PHP (SCAAMP) is a security configuration vulnerability auditing and fixing tool for Apache HTTP Server, PHP Interpreter and MySQL Database Server.
-
18
This purpose of this tool is to manage SOD conflicts within an ERP environment (in our case of SAP). Segregation of Duties (SOD) is an important tool in ensuring that a business is under control from an auditing perspective. Files are available !!!
-
19
SpaceMonkey is a Web application auditing tool. It can detect bugs or security flaws without using a knowledge database. It uses fault injection technics ('fuzzing') in order to reveal the flaws (SQL injection, XSS, File inclusion, command execution ).
-
20
IceScan is a free open source network analyzing and security auditing tool for Unix-like and Windows operating systems. It uses libpcap, a packet capture and filtering library.
-
21
PDit is a PHP Auditing and Analyzing Tool, it will cover the most common and significant vulnerabilities that can be found in a php pages/scripts.
-
22
TILT is a set of terminal logging and playback tools for auditing telnet and SSH connections made from a bastion host. It provides timestamped logs and real time playback of logs for incident reports, incident analysis or as a training aid
-
23
Steel Rats is a gui wrapper for the command line source code auditing tool RATS. It examines C, Perl, php and python code for keywords that could cause security holes and provides a report for you to further investigate the possible security holes.
-
24
PEStudio is a network protocol analysis and security auditing tool for Windows which allows you to apply scripts to winsock calls in order to filter / edit the data that travels to and from your computer, giving you complete control over your network.
-
25
SSHA Attack is a small prog for pen testers and security engineers to use in password/small clear-text auditing of SSHA hashes. It can also be treated as a SSHA crack tool but it was written with no malicious intent in mind. Use at your own risk.