Search Results for "scanning of checks"
Sort By:
Showing 39 open source projects for "scanning of checks"
View related business solutions-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
Build Securely on AWS with Proven FrameworksMoving to the cloud brings new challenges. How can you manage a larger attack surface while ensuring great network performance? Turn to Fortinet’s Tested Reference Architectures, blueprints for designing and securing cloud environments built by cybersecurity experts. Learn more and explore use cases in this white paper.
-
1
kube-bench
Checks whether Kubernetes is deployed
kube-bench is a tool that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Trivy, the all-in-one cloud-native security scanner, can be deployed as a Kubernetes Operator inside a cluster. Both, the Trivy CLI, and the Trivy Operator support CIS Kubernetes Benchmark scanning among several other features. -
2
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. ... -
3
Tookie-OSINT
Username OSINT tool for discovering accounts across many websites
Tookie-OSINT is an open source intelligence tool designed to help security researchers, ethical hackers, and investigators discover online accounts associated with a specific username. It automates the process of searching for usernames across multiple websites, making it easier to identify a person's presence on different platforms. By entering a target username, Tookie-OSINT scans a list of supported sites and checks whether the username exists on those platforms. This approach removes the... -
4
tfsec
Security scanner for your Terraform code
Checks for misconfigurations across all major (and some minor) cloud providers. Applies (and embellishes) user-defined Rego policies. Supports multiple output formats: CLI, JSON, SARIF, CSV, CheckStyle, and JUnit. Configurable (via CLI flags and/or config file). Very fast, capable of quickly scanning huge repositories. Plugins for popular IDEs available (JetBrains, VSCode and Vim). -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
discover
Automation framework for reconnaissance and penetration testing tasks
Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. The framework helps streamline activities such... -
6
User Scanner
Scan usernames and emails across many platforms from the CLI
user-scanner is a command-line OSINT tool designed to analyze the presence and availability of usernames and email addresses across many online platforms. It helps users quickly determine whether a specific username or email is already associated with accounts on social networks, developer platforms, creator communities, gaming services, and other sites. user-scanner is useful for security researchers, investigators, and analysts performing open source intelligence, as well as individuals or... -
7
Skill Scanner
Security Scanner for Agent Skills
This repository is a public security-focused scanning tool intended to analyze and assess AI agent skills for potential issues, quality concerns, and vulnerabilities. It acts as a scanner that inspects Agent Skills packages to flag structural problems, inconsistencies, or security flaws before they are deployed or integrated into agent workflows. Because agent skills can contain executable instructions and logic, scanning them for risky patterns is essential to prevent inadvertent exploitation when used by intelligent systems. ... -
8
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
reconFTW is an open source automated reconnaissance framework created for security researchers, penetration testers, and bug bounty hunters. The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external... -
9
holehe
Check if the mail is used on different sites
holehe is a Python-based OSINT utility designed to determine whether a specific email address is registered across a wide range of online services. The tool works by leveraging password-reset mechanisms and other public account-existence checks to infer whether an email is associated with accounts on major platforms. It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate... -
Go From AI Idea to AI App FastAccess Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
-
10
PrivescCheck
Privilege Escalation Enumeration Script for Windows
PrivescCheck is a local privilege escalation reconnaissance tool for Unix-like systems that automates common checks auditors and system owners run when looking for misconfigurations. It enumerates kernel versions, installed packages, SUID/SGID binaries, world-writable files and directories, services, cron jobs, and user/group permissions to highlight likely escalation paths. The output is organized and human-readable so operators can triage findings quickly—flagging high-risk items... -
11
OSS Review Toolkit
A suite of tools to automate software compliance checks
OSS Review Toolkit (ORT) is a suite of tools designed to automate the process of reviewing and ensuring compliance of open-source software dependencies. It assists in analyzing project dependencies, scanning for license information, and evaluating compliance with customizable policies. ORT supports integration into CI/CD pipelines, making it a valuable asset for organizations aiming to maintain open-source compliance at scale. -
12
Elkeid
Open source solution that can meet the requirements of workloads
Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior,... -
13
8mb.local
Ffree local self hosted video compressor webui
...The platform presents a simple yet informative web dashboard that dynamically updates with device statuses, IP addresses, and latency information, giving users a centralized view of network health without complex dashboards. It also includes basic tools such as ping monitoring, service reachability checks, and port scanning, enabling users to diagnose connection issues quickly and without external services. The emphasis is on minimalism and performance, so it runs efficiently on low-power devices like Raspberry Pis or small containers, making it ideal for home labs or edge deployments. 8mb.local can also notify users of offline devices or connection drops through configurable alerts, helping preempt outages before they become serious. -
14
Popeye
A Kubernetes cluster resource sanitizer
Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what’s deployed and not what’s sitting on disk. By scanning your cluster, it detects misconfigurations and helps you to ensure that best practices are in place, thus preventing future headaches. It aims at reducing the cognitive overload one faces when operating a Kubernetes cluster in the wild. Furthermore, if your cluster employs... -
15
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability... -
16
Th3inspector
Best Tool For Information Gathering
...It exposes a single command-line entrypoint (Th3inspector.pl) with many switches for common reconnaissance tasks — examples include website info, whois, MX lookup, geo-IP, subdomain discovery, CMS detection, port scanning, and Cloudflare real-IP resolution — so a user can chain many checks from one script. The project provides simple install wrappers for Linux, Android/Termux and even instructions for Windows (Perl + CPAN modules), and includes helper scripts to update or install dependencies automatically. The repository is actively packaged as versioned releases in the README (current noted version 1.9) and is distributed under an MIT license. -
17
MicroBurst
A collection of scripts for assessing Microsoft Azure security
MicroBurst is a PowerShell toolkit from NetSPI focused on assessing Microsoft Azure security by automating discovery, enumeration, and targeted auditing of cloud services and configurations. It bundles many functions to enumerate Azure resources (subscriptions, VMs, storage accounts, container registries, App Services and more), probe common misconfigurations, and harvest sensitive artifacts when available (for example storage blobs, keys, automation account credentials, and other... -
18
Skills Janitor
Audit, track usage, and compare your Claude Code skills
The Skills Janitor project is a lightweight plugin designed to manage, audit, and optimize AI agent skill ecosystems, particularly for environments like Claude Code and OpenAI Codex. It functions as a “maintenance layer” for AI skills by automatically scanning installed skill directories, identifying duplicates, and analyzing their structure and usage. One of its core purposes is to help developers maintain a clean and efficient skill environment, especially as the number of installed skills grows over time. The system provides a set of command-based tools that allow users to perform health checks, generate reports, and automatically fix issues such as broken or redundant skills. ... -
19
Drive Health Analyzer - SSD/HDD Monitor
Monitor disk health, predict failures, track SSD/HDD SMART attributes
Drive Health Analyzer is a comprehensive disk monitoring solution designed to prevent data loss by tracking the health status of SSDs and HDDs. The software reads SMART attributes, monitors temperature, analyzes disk performance, and predicts potential drive failures before they occur. It supports all major storage types including NVMe, SATA, and IDE drives. Features real-time alerts, detailed health reports, and automatic background monitoring. The intuitive dashboard displays critical... -
20
socialscan
Scan platforms to check username and email account usage
Socialscan is an open source intelligence (OSINT) tool designed to check whether usernames or email addresses are associated with accounts on various online platforms. It allows users to quickly determine if a specific username or email address is already in use across multiple services, making it useful for security research, digital investigations, and account enumeration tasks. It focuses on accuracy by querying platform endpoints in a way that reliably detects whether a credential exists... -
21
Ghost of Death is an app to spoof your OS. It's meant to spoof scanning apps, like nmap or Metasploit. You must be admin/root. 2-28-26: Addressed a couple of bugs. Totally reworked Linux version. This app won't get a perfect match in the spoof, but it won't let them know your OS. 3-1-26: Tweaked on the Linux version some more. 3-2-26: That last Linux version was messed up, new one works, theoretically. 3-3-26: After much labor it's done. It has Windows, Mac and Android now. Windows...
-
22
LinkWarden Bot
Bot that uses various APIs to scan links inside any discord server.
This Discord bot, designed for personal and community use, enhances server security by scrutinizing links shared within Discord channels. It leverages the VirusTotal API, WHOIS lookups, and urlscan.io scans to provide comprehensive real-time analysis, helping maintain a safe online environment for members. -
23
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
...It supports additional probes on custom ports and protocols, enabling more flexible scanning scenarios. httprobe also allows users to adjust timeouts and prioritize HTTPS results, making it adaptable to different reconnaissance needs. Its output can be easily piped into other tools for further analysis, such as vulnerability scanning or content discovery. -
24
Log4jScanner
A log4j vulnerability filesystem scanner and Go package
...Instead of probing networks, it walks directories and archives, including nested JARs, to find version fingerprints and risky classes associated with the Log4Shell family of issues. The focus on static analysis makes it suitable for container images, build artifacts, and offline systems where active scanning isn’t feasible. Clear, machine-readable output allows the tool to plug into CI/CD checks and fleet-wide inventory jobs. For responders, it reduces time-to-visibility by surfacing exactly which paths and bundles require patching or remediation. It’s a pragmatic addition to defense-in-depth programs that need verifiable evidence of exposure without deploying agents. -
25
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies. ...
