Search Results for "tools" - Page 4
Sort By:
Showing 471 open source projects for "tools"
View related business solutions-
Compliant and Reliable File Transfers Backed by Top Security CertificationsStop relying on non-certified, legacy file transfer tools that creak under the weight of modern security demands. Get full audit trails, advanced access controls and more supported by an award-winning team of experts. Start your free 25-day trial today.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
GoSearch
OSINT tool to find usernames and digital footprints across 300+ sites
...The tool scans more than 300 platforms to determine whether a specific username exists on social networks and other online services. Built with the Go programming language, it aims to provide faster performance compared to similar tools written in other languages. GoSearch was inspired by the well-known Sherlock username search tool, but it attempts to address several of its limitations such as slow execution, outdated sources, and inaccurate results. The tool reduces false positives and false negatives by clearly marking uncertain matches, allowing users to quickly identify reliable results. ... -
2
Cryptol
Cryptol: The Language of Cryptography
Cryptol is a domain-specific language (DSL) for specifying and verifying cryptographic algorithms. Developed by Galois, Cryptol provides a high-level mathematical syntax for describing cryptographic primitives and enables formal verification of algorithm properties. It is used in academic, research, and defense sectors to validate correctness and security through symbolic execution and model checking, ensuring critical cryptographic code is free of design flaws. -
3
SLSA GitHub Generator
Language-agnostic SLSA provenance generation for Github Actions
This repository contains free tools to generate and verify SLSA Build Level 3 provenance for native GitHub projects using GitHub Actions. Developers can build their software using a secure process that protects against many supply chain attacks and tampering. Users of their software can verify a tamper-proof statement of the process to know how the software was created. -
4
Ente
End-to-end encrypted cloud for photos, videos and 2FA secrets
Ente is a fully open-source, end‑to‑end encrypted cloud platform designed for securely storing and managing your photos, videos, and 2FA secrets — without needing to trust the service provider. It includes cross‑platform clients and a CLI for self‑hosting needs. Ente is a service that provides a fully open source, end-to-end encrypted platform for you to store your data in the cloud without needing to trust the service provider. On top of this platform, we have built two apps so far: Ente... -
$300 Free Credits to Build on Google CloudStart your next project with $300 in free Google Cloud credit. Spin up VMs, run containers, query petabytes in BigQuery, or build agents with Gemini Enterprise Agent Platform. Once your credits are used, keep building with 20+ always-free tier products including Compute Engine, Cloud Storage, GKE, and Cloud Run functions. No commitment required—just sign up and start building.
-
5
EMAGNET
Automated hacking tool to find leaked databases with 97.1% accuracy
Automated hacking tool that will find leaked databases with 97.1% accurate to grab mail + password. Before using Emagnet, please remember that with great power comes great responsibility. Pastebin patched the vulnerability I previously used in order to get recent uploads, so at the moment it is not possible to get recently uploaded files, you are now limited to all syntaxes exempt the default one (95% get's uploaded as 'text' and this is removed from all recent upload lists). Bruteforce... -
6
ASNmap
CLI tool for mapping organization network ranges using ASN data
...Output can be generated in multiple formats including plain text, JSON, and CSV, enabling flexible data processing and analysis. asnmap also supports reading input from standard input and piping its results directly into other command line tools for chained workflows. -
7
BoringSSL
Mirror of BoringSSL
BoringSSL is a Google-maintained fork of OpenSSL, designed specifically to meet the security, performance, and maintainability needs of Google’s infrastructure and products. While fully open source, BoringSSL is not intended for general public use — it serves as a streamlined, heavily modified SSL/TLS and cryptography library optimized for Google’s internal ecosystem, including Chrome/Chromium, Android, and other Google services. The project prioritizes security, simplicity, and... -
8
Alerta
Alerta monitoring system
Email was not designed to be used as an alert console. It is not a scalable solution when it comes to monitoring and alert visualization. A minimal installation of Alerta can be deployed quickly and easily as monitoring requirements and confidence grow. There are integrations available with Prometheus, Riemann, Nagios, Zabbix, netdata, Sensu, Pingdom and Cloudwatch. Integrating bespoke systems is easy using the API or command-line tool. Alerts are submitted in JSON format to an HTTP API.... -
9
OWASP Maryam
Modular OSINT framework for automated open-source intelligence gatheri
Maryam is an open source intelligence (OSINT) framework designed to automate the process of gathering and analyzing publicly available information from the internet. It provides a modular environment that enables users to collect data from search engines, open data sources, and various online services for reconnaissance and investigative purposes. Written in Python, Maryam is built to provide a flexible and extensible framework for harvesting information quickly and efficiently from open... -
Build Agents and Models on One PlatformGemini Enterprise Agent Platform is Google Cloud's comprehensive platform for developers to build, scale, govern, and optimize agents and models. Choose from Google's most advanced models and third-party models like Anthropic's Claude Model Family.
-
10
pwd.sh
GnuPG symmetric secrets manager using Bash
...The tool emphasizes privacy by avoiding reliance on external services or network calls, ensuring that password generation happens entirely locally. It is well-suited for developers and security-conscious users who prefer command-line tools. -
11
Scope Sentry
Cyberspace asset mapping and vulnerability scanning platform
ScopeSentry is an open source cybersecurity tool designed for cyberspace asset mapping and automated security analysis. It helps security researchers and penetration testers discover, monitor, and analyze internet-facing assets belonging to a target scope. ScopeSentry combines multiple reconnaissance and vulnerability assessment capabilities such as subdomain enumeration, port scanning, directory scanning, and sensitive information detection. ScopeSentry can automatically identify assets and... -
12
Tailsnitch
A security auditor for Tailscale configurations
tailsnitch is a security auditing tool for Tailscale networks (tailnets) that scans configurations and device setups to detect risky or overly permissive settings, helping administrators maintain a secure mesh network. Written in Go and designed to be run either as a CLI or integrated into automated pipelines, tailsnitch performs dozens of checks against common access control policies, authentication key practices, network exposure issues, and device security settings. It outputs structured... -
13
Socialite
Socialite is an OAuth2 Authentication tool
...The tool now supports the following platforms: Facebook, Github, Google, Linkedin, Outlook, QQ, TAPD, Alipay, Taobao, Baidu, DingTalk, Weibo, WeChat, Douyin, Feishu, Lark, Douban, Enterprise WeChat, Tencent Cloud, Line, Gitee, Coding. Users only need to create corresponding configuration variables, and then use tools to create authentication applications for each platform, and easily obtain the access_token and user-related information of the platform. For details about the tool implementation logic, refer to the OAuth2 documents of major platforms. -
14
Raccoon
High-performance reconnaissance and vulnerability scanning tool
...Raccoon can perform DNS enumeration, subdomain discovery, and URL fuzzing to uncover hidden endpoints and infrastructure components. It also integrates network scanning capabilities through tools such as Nmap to detect open ports, services, and potential vulnerabilities. By consolidating these reconnaissance tasks into a single command-line interface, Raccoon aims to streamline the early phases of security testing and provide actionable information for further investigation. -
15
reNgine
Automated framework for web application reconnaissance and scanning
...It provides a streamlined workflow for penetration testers, bug bounty hunters, and security teams who need to perform reconnaissance efficiently and at scale. The platform integrates multiple open-source reconnaissance tools into a unified environment with a configurable scanning engine and an intuitive web interface. reNgine focuses on improving traditional reconnaissance workflows by organizing collected data in a database and correlating results to make them easier to analyze. This approach helps security professionals avoid manually searching through scattered files and instead work with structured, searchable reconnaissance data. ... -
16
Ockam
Orchestrate end-to-end encryption, mutual authentication
Ockam is a suite of open source tools, programming libraries, and managed cloud services to orchestrate end-to-end encryption, mutual authentication, key management, credential management, and authorization policy enforcement – at massive scale. Modern applications are distributed and have an unwieldy number of interconnections that must trustfully exchange data. To build trust for data-in-motion, applications need end-to-end guarantees of data authenticity, integrity, and confidentiality. ... -
17
linkedin2username
Generate probable usernames from LinkedIn company employee lists
...This process helps security researchers, penetration testers, and investigators perform reconnaissance by building potential username lists for further security testing or OSINT analysis. Unlike tools that rely on official APIs, linkedin2username operates as a pure web scraper and therefore does not require API keys. The script uses Selenium to automate browser interactions and perform searches within LinkedIn to gather employee data. -
18
XRAY
XRay for recon, mapping and OSINT gathering from public networks
XRAY is a modular security toolset that helps developers and security professionals analyze, fuzz, and test web applications, protocols, and network services for vulnerabilities. It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or... -
19
Permify
Permify is an open-source authorization service
Permify is an open source authorization service for creating fine-grained and scalable authorization systems. With Permify, you can easily structure your authorization model, store authorization data in your preferred database, and interact with the Permify API to handle all authorization queries from your applications or services. Permify is inspired by Google’s consistent, global authorization system, Google Zanzibar. Our goal is to make Google's Zanzibar available to everyone and help... -
20
Findomain
Fast open source tool for discovering and monitoring domain subdomains
Findomain is an open source reconnaissance tool designed to discover and enumerate subdomains associated with a target domain. It focuses on speed and reliability by using Certificate Transparency logs and multiple well tested public APIs instead of relying solely on brute force scanning techniques. By querying multiple passive data sources in parallel, the tool can identify a large number of subdomains within a short time, making it useful for security researchers, penetration testers, and... -
21
Infosec Reference
An Information Security Reference That Doesn't Suck
Infosec Reference is a curated knowledge base and resource repository for information security practitioners. It aggregates cheat sheets, tooling guides, protocol deep dives, incident response playbooks, and threat actor profiles—all organized under accessible categories (network, web, host, cryptography, auditing). The repo is built as a living wiki of sorts: practitioners contribute updates, expand sections, or refine explanations as the threat landscape evolves. Because security spans... -
22
Amazon SNS Message Validator for PHP
Amazon SNS message validation for PHP
The Amazon SNS Message Validator for PHP library allows you to validate that incoming HTTP(S) POST messages are valid Amazon SNS notifications. This library is standalone and does not depend on the AWS SDK for PHP or Guzzle; however, it does require PHP 5.4+ and that the OpenSSL PHP extension is installed. Next, you must create an instance of MessageValidator, and then use either the isValid() or validate(), methods to validate the message. The message validator checks the SigningCertURL,... -
23
Pacu
The AWS exploitation framework, designed for testing security
...While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. ... -
24
RansomWare
This tools implements a RansomWare (cryptolocker, exfiltration, ...).
This tools implements a RansomWare (cryptolocker, data exfiltration, ransomnote, ...). -
25
Network Security Toolkit (NST)
A network security analysis and monitoring toolkit Linux distribution.
...The main intent of developing this toolkit was to provide the security professional and network administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanced Web User Interface (WUI) is provided for system/network administration, navigation, automation, network monitoring, host geolocation, network analysis and configuration of many network and security applications found within the NST distribution. ...
