Search Results for "auditing software"
Sort By:
Showing 71 open source projects for "auditing software"
View related business solutions-
Try Google Cloud Risk-Free With $300 in CreditUse your credit across every product. Compute, storage, AI, analytics. When it runs out, 20+ products stay free. You only pay when you choose to.
-
8 Monitoring Tools in One APM. Install in 5 Minutes.AppSignal works out of the box for Ruby, Elixir, Node.js, Python, and more. 30-day free trial, no credit card required.
-
1
Laravel Auditing
Record the change log from models in Laravel
This package will help you understand changes in your Eloquent models, by providing information about possible discrepancies and anomalies that could indicate business concerns or suspect activities. Laravel Auditing allows you to keep a history of model changes by simply using a trait. Retrieving the audited data is straightforward, making it possible to display it in various ways. Auditing events provide a simple observer pattern implementation, allowing you to subscribe and listen to the... -
2
pkg FreeBSD
Package management tool for FreeBSD
pkg is the package management tool for FreeBSD, designed to handle the installation, upgrading, and removal of software packages. It provides a unified interface for managing binary packages, streamlining the process of maintaining software on FreeBSD systems. With features like automatic dependency resolution and package auditing, pkg ensures a reliable and secure package management experience. -
3
Ghidra
Ghidra is a software reverse engineering (SRE) framework
Ghidra is a free and open-source reverse engineering framework developed by the NSA for analyzing compiled software. It supports a wide array of instruction sets and executable formats, offering features such as decompilation, disassembly, scripting, and interactive graphing. Designed for security researchers and analysts, Ghidra provides a robust environment for understanding malware, auditing code, and performing software forensics. It includes both GUI-based and headless analysis modes. -
4
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability detection, and system hardening. Test that Docker image, or improve the hardening of your deployed web application. ... -
6
Spring Data JPA
Simplifies the development of creating a JPA-based data access layer
Spring Data JPA, part of the larger Spring Data family, makes it easy to easily implement JPA-based repositories. This module deals with enhanced support for JPA-based data access layers. It makes it easier to build Spring-powered applications that use data access technologies. Implementing a data access layer of an application has been cumbersome for quite a while. Too much boilerplate code has to be written to execute simple queries as well as perform pagination, and auditing. Spring Data... -
7
NPQ
Install packages with npm or yarn by auditing them
npq is a security-focused package manager that analyzes npm dependencies for potential vulnerabilities before installation. It helps developers ensure the safety of their projects by checking for malicious or outdated packages. -
8
Harbor
An open source trusted cloud native registry project that stores
Harbor is an open-source trusted cloud native registry project that stores, signs, and scans content. Harbor extends the open-source Docker Distribution by adding the functionalities usually required by users such as security, identity and management. Having a registry closer to the build-and-run environment can improve the image transfer efficiency. Harbor supports replication of images between registries, and also offers advanced security features such as user management, access control... -
9
RustDesk Server PRO
Some scripts for RustDesk Server Pro are hosted here
This project provides the enterprise-grade backend for RustDesk deployments that need centralized management, stronger policy controls, and advanced operational tooling. It encompasses the components required to broker, relay, and supervise connections while adding administrative layers suitable for regulated or large environments. Organizations can standardize how clients authenticate, how sessions are permitted and audited, and how data paths are routed under diverse network constraints.... -
Forever Free Full-Stack Observability | Grafana CloudBuilt on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.
-
10
DeepAudit
AI multi-agent platform for automated code security auditing system
DeepAudit is an open source code security auditing platform that uses a multi-agent architecture to analyze and identify vulnerabilities in software projects. Instead of relying solely on traditional static analysis, it simulates the reasoning process of security experts through coordinated agents responsible for orchestration, reconnaissance, analysis, and verification. DeepAudit performs deep semantic understanding of code, enabling it to detect complex vulnerabilities that span multiple files and business logic layers. ... -
11
Trail of Bits Skills Marketplace
Trail of Bits Claude Code skills for security research, vulnerability
Trail of Bits Skills Marketplace is a specialized Claude Code skills marketplace built by the security research firm Trail of Bits that focuses on enhancing AI-assisted workflows for vulnerability discovery, testing, and secure development. The repository groups a set of plug-in skills tailored toward static analysis, code auditing, secure defaults detection, and other practices that matter in software security. Users can easily add the marketplace to a Claude Code environment, browse available plugins, and install specific skills for tasks like automatic Semgrep rule creation, entry-point analysis in smart contracts, or insecure defaults detection. This project leverages the agent skills architecture to let AI assistants take on detailed, repeatable security procedures that are typically manual, such as parsing Burp Suite projects or conducting variant analysis across codebases. -
12
Capslock
Tool to remap Caps Lock key behavior on Windows systems
Capslock is a command-line tool for analyzing the capabilities of Go packages to reveal what privileged operations their code and dependencies can perform. Rather than detecting vulnerabilities, Capslock focuses on identifying capabilities — permissions implied by calls to sensitive or privileged standard library functions, such as file system access, networking, or process control. By following transitive call graphs, it classifies which security-sensitive operations each package can reach,... -
13
Deckhouse
Kubernetes platform from Flant
Deckhouse is a Kubernetes platform that allows you to create homogeneous K8s clusters on any infrastructure. It manages clusters comprehensively and “automagically” and provides all necessary modules and add-ons for autoscaling, observability, security, and service mesh implementation. Deckhouse has vanilla Kubernetes under the hood and integrates a balanced set of Open Source tools that have become the industry standard. Out-of-the-box secure configuration of the Kubernetes cluster, least... -
14
Certificate Transparency Go
Auditing for TLS certificates (Go code)
certificate-transparency-go is a Go codebase for building and interacting with Certificate Transparency (CT) systems, from low-level parsing to full log operation. It includes forked ASN.1 and X.509 packages tailored to accept and analyze real-world certificates, including pre-certificates that stricter libraries would reject, supporting CT’s role as an ecosystem observatory. A TLS parsing library, CT data types, and multiple client libraries enable access to CT logs over HTTP and DNS, along... -
15
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services... -
16
gh-ost
GitHub's online schema migrations for MySQL
gh-ost is a triggerless online schema migration solution for MySQL. It is testable and provides pausability, dynamic control/reconfiguration, auditing, and many operational perks. gh-ost produces a light workload on the master throughout the migration, decoupled from the existing workload on the migrated table. It has been designed based on years of experience with existing solutions, and changes the paradigm of table migrations. All existing online-schema-change tools operate in similar... -
17
c15t
The Developer-First Cookie Banner
c15t is a developer-first, open-source consent management platform designed to help modern web applications manage user privacy and compliance, especially for things like cookie banners, consent dialogs, and script loading in a way that supports GDPR and other privacy regulations. Rather than relying on heavy third-party scripts or services, it offers a flexible, headless engine that web teams can integrate directly into their front-end and edge stacks with minimal overhead, giving full... -
18
goInception
A MySQL operation and maintenance tool
goInception is a MySQL maintenance tool, which can be used to review, implement, backup, and generate SQL statements for rollback. It parses SQL syntax and returns the result of the review based on custom rules. GoInception extension of the usage of Inception, to specify the remote server by adding annotations before the SQL review, and for distinguishing SQL and review adding special comments at the beginning and the end of SQL. Any MySQL protocol-driven can connect in the same way, but the... -
19
Entity Framework Plus
Entity framework plus extends your DbContext with must-haves features
Entity Framework Plus extends your DbContext with must-haves features, include filter, auditing, caching, query future, batch delete, batch update, and more. Deleting using Entity Framework Core can be very slow if you need to delete hundreds or thousands of entities. Entities are first loaded in the context before being deleted which is very bad for the performance and then, they are deleted one by one which makes the delete operation even worse. EF+ Batch Delete is the most efficient way... -
20
Gitolite
Hosting git repositories
Gitolite is a lightweight Git server and access-control system that lets many human users share a single Unix account while enforcing fine-grained permissions. Configuration is “as code”: you manage users’ SSH keys and per-repo rules in a special admin repository, then push to apply changes instantly. Permissions are precise—read, write, or force-push can be allowed or denied per repository, branch, tag, or arbitrary ref patterns—so sensitive branches can be protected. Delegation features... -
21
GitAgent
A framework-agnostic, git-native standard for defining AI agents
...The repository typically includes a manifest file that describes the agent’s configuration, along with additional files that define behavior, skills, and integrations with external tools. This structure allows organizations to treat agents similarly to software projects, with version control, branching, auditing, and collaboration handled through Git. -
22
applied-ml
Papers & tech blogs by companies sharing their work on data science
The applied-ml repository is a rich, curated collection of papers, technical articles, and case-study blog posts about how machine learning (ML) and data-driven systems are applied in real production environments by major companies. Instead of focusing solely on theoretical ML research, this repo highlights industry-scale challenges: data collection, quality, infrastructure, feature stores, model serving, monitoring, scalability, and how ML is embedded in product workflows. It acts as a... -
23
Infosec Reference
An Information Security Reference That Doesn't Suck
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, protocol deep dives, incident response playbooks, and threat actor profiles—all organized under accessible categories (network, web, host, cryptography, auditing). The repo is built as a living wiki of sorts: practitioners contribute updates, expand sections, or refine explanations as the threat landscape evolves. Because security spans... -
24
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release... -
25
Daptin
Daptin - Backend As A Service - GraphQL/JSON-API Headless CMS
Take the API overhead out of your brain with Daptin. Complete granular access to your data over the network. A single binary to power up your application. Database-backed persistence, 3NF normalized tables. JSON API/GraphQL for CRUD apis. User and group management and access control. Social login with OAuth: tested with google, github, LinkedIn. Actions for abstracting out business flows. Extensive state tracking APIs. Enable Data Auditing from a single toggle. Synchronous Data Exchange with...
