Search Results for "security"
Sort By:
Showing 40 open source projects for "security"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Automate contact and company data extractionGenerate leads at scale without building or maintaining scrapers. Use 10,000+ ready-made tools that handle authentication, pagination, and anti-bot protection. Pull data from business directories, social profiles, and public sources, then export to your CRM or database via API. Schedule recurring extractions, enrich existing datasets, and integrate with your workflows.
-
1
DefectDojo
DefectDojo is a DevSecOps and vulnerability management tool
DefectDojo is a security orchestration and vulnerability management platform. DefectDojo allows you to manage your application security program, maintain product and application information, triage vulnerabilities and push findings to systems like JIRA and Slack. DefectDojo enriches and refines vulnerability data using a number of heuristic algorithms that improve with the more you use the platform. -
2
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. -
3
GHunt
Offensive Google framework
GHunt (v2) is an offensive Google framework, designed to evolve efficiently. It's currently focused on OSINT, but any use related with Google is possible. It will automatically use venvs to avoid dependency conflicts with other projects. First, launch the listener by doing ghunt login and choose between 1 of the 2 first methods. Put GHunt on listening mode (currently not compatible with docker) Paste base64-encoded cookies. Enter manually all cookies. The development of this extension has... -
4
Mythril
Security analysis tool for EVM bytecode. Supports smart contracts
Mythril is a security analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum, Hedera, Quorum, Vechain, Roostock, Tron and other EVM-compatible blockchains. It uses symbolic execution, SMT solving and taint analysis to detect a variety of security vulnerabilities. It's also used (in combination with other tools and techniques) in the MythX security analysis platform. -
STORIS provides ERP software solutions for the home furnishings and appliance industryFor over 35 years, it has delivered tools designed to meet the specific needs of retailers in this sector. STORIS’ ERP platform integrates core retail operations, including Point of Sale, Inventory Management, Logistics and Distribution, Buying Tools, Customer Service, Accounting, Financing, Reporting, Business Intelligence, and System Tools.
-
5
Metarget
Framework for automatic construction of vulnerable infrastructures
Metarget = meta- + target, a framework providing automatic constructions of vulnerable infrastructures, used to deploy simple or complicated vulnerable cloud native targets swiftly and automatically. During security research, we might find that the deployment of a vulnerable environment often takes much time, while the time spent on testing PoC or ExP is comparatively short. In the field of cloud-native security, thanks to the complexity of cloud-native systems, this issue is more terrible. There are already some excellent security projects like Vulhub, and VulApps in the open-source community, which pack vulnerable scenes into container images so that researchers could utilize them and deploy scenes quickly. ... -
6
FATE
An industrial grade federated learning framework
...FedAI is a community that helps businesses and organizations build AI models effectively and collaboratively, by using data in accordance with user privacy protection, data security, data confidentiality and government regulations. -
7
Authlib
The ultimate Python library in building OAuth, OpenID Connect
...Supporting a wide range of social network service connections, powered by Loginpass. Authlib is built from low level of specifications to high level of framework integrations. Security matters in Authlib. We have a section on security process at the very first begin. Authlib is created with sustainable maintainence in mind. Consider to buy a commercial plan. -
8
JumpServer
Manage assets on different clouds at the same time
The JumpServer bastion machine complies with the 4A specification of operation and maintenance security audit. Zero threshold, fast online acquisition and installation. Just a browser, the ultimate Web Terminal experience. Easily support massive concurrent access. One system manages assets on different clouds at the same time. Audit recordings are stored in the cloud and will never be lost. One system, is used by multiple subsidiaries and departments at the same time. -
9
Django-CRM
Open Source CRM based on Django
Django CRM is opensource CRM developed on django framework. It has all the basic features of CRM to start with. We welcome code contributions and feature requests via github. Create and activate a virtual environment. Install the project's dependency after activating env. -
Ditto Edge Server is a lightweight standalone server for resource-constrained edge environments, based on the core Ditto Edge SDK.Ditto's Edge SDK is the only thing your edge devices need to ensure your application is operational in any environment, regardless of network conditions.
-
10
objection
Objection - runtime mobile exploration
objection is a runtime mobile exploration toolkit, powered by Frida, built to help you assess the security posture of your mobile applications, without needing a jailbreak. Perform memory-related tasks, such as dumping & patching. Explore and manipulate objects on the heap. Installation is simply a matter of pip3 install objection. This will give you the objection command. You can update an existing objection installation with pip3 install --upgrade objection. -
11
Checkov
Prevent cloud misconfigurations during build-time for Terraform
Checkov scans cloud infrastructure configurations to find misconfigurations before they're deployed. Checkov uses a common command-line interface to manage and analyze infrastructure as code (IaC) scan results across platforms such as Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework. Verify changes to hundreds of supported resource types in all major cloud providers. Checkov supports developers using Terraform, Terraform plan, CloudFormation, Kubernetes,... -
12
SQL Explorer
Easily share data across your company via SQL queries
...Quickly write and share SQL queries in a simple, usable SQL editor, preview the results in the browser, share links, download CSV, JSON, or Excel files (and even expose queries as API endpoints, if desired), and keep the information flowing! Comes with support for multiple connections, to many different SQL database types, a schema explorer, query history (e.g. lightweight version control), a basic security model, in-browser pivot tables, and more. SQL Explorer values simplicity, intuitive use, unobtrusiveness, stability, and the principle of least surprise. SQL Explorer is inspired by any number of great query and reporting tools out there. -
13
SSRFmap
Automatic SSRF fuzzer and exploitation tool
...Because SSRF often leads to lateral movement or internal network access, SSRFmap is especially useful for red-teamers and pentesters who want to explore chains rather than just the vulnerability surface. The repository also demonstrates a pragmatic mindset; rather than just “find SSRF”, it tries to “exploit SSRF” for impact, helping security testers build full end-to-end workflows. -
14
Slither
Static Analyzer for Solidity
...Slither is fast and precise; it can find real vulnerabilities in a few seconds without user intervention. It is highly customizable and provides a set of APIs to inspect and analyze Solidity code easily. We use it in all of our security reviews. Now you can integrate it into your code-review process. We are open sourcing the core analysis engine of Slither. This core provides advanced static-analysis features, including an intermediate representation (SlithIR) with taint tracking capabilities on top of which complex analyses (“detectors”) can be built. -
15
Standard Webhooks
The Standard Webhooks specification
...Standard Webhooks matters because it eliminates the fragmentation of webhook implementations, reducing consumer effort and enabling seamless verification in apps or even directly in API gateways. By unifying best practices, it improves developer experience, enhances security, and enables new ecosystem tools. -
16
Django OAuth Toolkit
OAuth2 goodies for the Djangonauts!
Django OAuth Toolkit can help you by providing, out of the box, all the endpoints, data, and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant. OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords. Django is a high-level... -
17
Python Outlier Detection
A Python toolbox for scalable outlier detection
PyOD is a comprehensive and scalable Python toolkit for detecting outlying objects in multivariate data. This exciting yet challenging field is commonly referred as outlier detection or anomaly detection. PyOD includes more than 30 detection algorithms, from classical LOF (SIGMOD 2000) to the latest COPOD (ICDM 2020) and SUOD (MLSys 2021). Since 2017, PyOD [AZNL19] has been successfully used in numerous academic researches and commercial products [AZHC+21, AZNHL19]. PyOD has multiple neural... -
18
Status - a Mobile Ethereum OS
A free (libre) open source, mobile OS for Ethereum
...Status uses an open-source, peer-to-peer protocol, and end-to-end encryption to protect your messages from third parties. Keep your private messages private with Status. Browse the growing ecosystem of DApps including marketplaces, exchanges, games, and social networks. The latest security standards ensure a private browsing experience. You will never be asked for a phone number, email address, or bank account when generating a Status account. Stay private and selectively reveal yourself to the world with Status. -
19
Flask App Builder
Simple and rapid application development framework
Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Automatic permissions lookup, based on exposed methods. Inserts on the Database all the detailed permissions possible on your application. Public (no authentication needed) and Private permissions. Role-based permissions. Authentication support for OpenID, Database and LDAP. -
20
Django Wiki
A wiki system with complex functionality for simple integration
...Do not make your own hard copy of this repository in order to fiddle with internal parts of the wiki -- this strategy will lead you to lose out on future updates with highly improved features and plugins. Possibly security updates as well! -
21
Wifipumpkin3
Powerful framework for rogue access point attack
wifipumpkin3 is powerful framework for rogue access point attack, written in Python, that allow and offer to security researchers, red teamers and reverse engineers to mount a wireless network to conduct a man-in-the-middle attack. -
22
Wemake Django Template
Bleeding edge django template focused on code quality and security
What this project is all about? The main idea of this project is to provide a fully configured template for django projects, where code quality, testing, documentation, security, and scalability are number one priorities. This template is a result of implementing our processes, it should not be considered as an independent part. When developing this template we had several goals in mind. Development environment should be bootstrapped easily, so we use docker-compose for that. Development should be consistent, so we use strict quality and style checks. ... -
23
SharPyShell
Tiny and obfuscated ASP.NET webshell for C# web applications
SharPyShell is a tiny and obfuscated ASP.NET web shell that executes commands received by an encrypted channel compiling them in memory at runtime. SharPyShell supports only C# web applications that run on .NET Framework >= 2.0. SharPyShell is a post-exploitation framework written in Python. The main aim of this framework is to provide the penetration tester with a series of tools to ease the post-exploitation phase once exploitation has been successful against an IIS webserver. This tool is... -
24
StreamAlert
StreamAlert is a serverless, realtime data analysis framework
StreamAlert is a serverless, real-time data analysis framework that empowers you to ingest, analyze, and alert on data from any environment, using data sources and alerting logic you define. Computer security teams use StreamAlert to scan terabytes of log data every day for incident detection and response. Incoming log data will be classified and processed by the rules engine. Alerts are then sent to one or more outputs. Rules are written in Python; they can utilize any Python libraries or functions. Merge similar alerts and automatically promote new rules if they are not too noisy. ... -
25
ReconSpider
Most Advanced Open Source Intelligence (OSINT) Framework
ReconSpider is most Advanced Open Source Intelligence (OSINT) Framework for scanning IP Addresses, Emails, Websites, and Organizations and find out information from different sources. ReconSpider can be used by Infosec Researchers, Penetration Testers, Bug Hunters, and Cyber Crime Investigators to find deep information about their target. ReconSpider aggregate all the raw data, visualize it on a dashboard, and facilitate alerting and monitoring on the data. Recon Spider also combines the...
