Search Results for "detect it"
Sort By:
Showing 100 open source projects for "detect it"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Google AI Studio | Gemini API | Google for DevelopersGoogle AI Studio is a comprehensive, web-based development environment that democratizes access to Google's cutting-edge AI models, notably the Gemini family, enabling a broad spectrum of users to explore and build innovative applications. This platform facilitates rapid prototyping by providing an intuitive interface for prompt engineering, allowing developers to meticulously craft and refine their interactions with AI. Beyond basic experimentation, AI Studio supports the seamless integration of AI capabilities into diverse projects, from simple chatbots to complex data analysis tools. Users can rigorously test different prompts, observe model behaviors, and iteratively refine their AI-driven solutions within a collaborative and user-friendly environment. This empowers developers to push the boundaries of AI application development, fostering creativity and accelerating the realization of AI-powered solutions.
-
1
Detect It Easy
Program for determining types of files for Windows, Linux and MacOS
Detect It Easy (DiE) is a tool for determining the type and internal features of binary and other file formats. It is widely used by malware analysts, digital forensics investigators, reverse engineers, and security researchers to quickly inspect unknown files and infer their type, architecture, compiler/packer used, and internal structure. -
2
Terrascan
Detect compliance and security violations across Infrastructure
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. As you embrace Infrastructure as Code (IaC) such as Terraform, Kubernetes, Argo CD, Atlantis and AWS CloudFormation, it is important to ensure that security best practices and compliance requirements are observed. -
3
Falco
Malicious activity detection for Cloud-native applications
Falco is a open source project to detect abnormal application behavior in a cloud native environment like Kubernetes. This cloud native runtime security project allows you to detect unexpected application behavior and alerts on threats. -
4
Vuls
Agentless vulnerability scanner for Linux/FreeBSD
...It is possible to acquire the state of the server executing some commands. Vuls v0.5.0 warns not-restarting-processes which updated before but not restarting yet. And detect processes affecting software update in advance. -
Control D: Advanced DNS Filtering for Businesses and ConsumersControl D is a modern and customizable DNS service that blocks threats, unwanted content and ads - on all devices. Onboard in minutes, and forget about it.
-
5
Tracee
Linux Runtime Security and Forensics using eBPF
...It is using eBPF technology to tap into your system and expose that information as events that you can consume. Events range from factual system activity events to sophisticated security events that detect suspicious behavioral patterns. -
6
Sigma
Main Sigma Rule Repository
...The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost. Sigma is an open-source tool for defining generic detection rules for security event logs, enabling security professionals to detect threats across platforms. -
7
Portmaster
Block Mass Surveillance
...Restore privacy and take back control over all your computer's network activity. Discover everything that is happening on your computer. Expose every connection your applications make and detect evil ones. Finally, get the power to act accordingly. Protect your whole computer, not just your browser. Block all advertisements and trackers for every application. Easily add your own rules and block individual domains. Make your own rules. Completely cut off applications from the Internet. Or block all p2p connections except for certain apps. ... -
8
RBAC Manager
A Kubernetes operator that simplifies the management of Role Bindings
RBAC Manager is designed to simplify authorization in Kubernetes. This is an operator that supports declarative configuration for RBAC with new custom resources. Instead of managing role bindings or service accounts directly, you can specify a desired state and RBAC Manager will make the necessary changes to achieve that state. -
9
SSH-MITM
Server for security audits supporting public key authentication
ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not possible, the authentication will fall back to password-authentication. When publickey authentication is possible, a forwarded agent is needed to login to the remote server. ... -
Smart IT MonitoringNetCrunch is a smart, agentless network monitoring and management software system capable of monitoring every device in a network. Developed by AdRem Software, NetCrunch helps businesses of all sizes remotely monitor network services, switches, routers, bandwidth utilization, and traffic flow and visualize their system performance.
-
10
Retire.js
Scanner detecting the use of JavaScript libraries
..."Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules. grunt-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. Scans visited sites for references to insecure libraries and puts warnings in the developer console. ... -
11
InQL Scanner
A Burp Extension for GraphQL Security Testing
...In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target website. Search for exposed GraphQL development consoles (GraphiQL, GraphQL Playground, and other standard consoles) Use a custom GraphQL tab displayed on each HTTP request/response containing GraphQL- Leverage the templates generation by sending those requests to Burp's Repeater tool ("Send to Repeater"). ... -
12
XRAY
XRay for recon, mapping and OSINT gathering from public networks
...XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. The modular architecture means users can customize or extend the engine with new analyzers, fuzzers, or output formats tailored to specific testing environments. Rather than being a “one-size-fits-all” black box scanner, XRAY encourages interactive exploration and integrates with other tooling. -
13
SCAP Security Guide
Security automation content in SCAP, Bash, Ansible, and other formats
The purpose of this project is to create security policy content for various platforms, Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, SUSE Linux Enterprise Server (SLES), as well as products, Firefox, Chromium, JRE. We aim to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats. These documents can be presented in different forms and by... -
14
CrowdSec
Firewall able to analyze visitor behavior & provide adapted response
...A modern behavior detection system, written in Go. It stacks on Fail2ban's philosophy, but uses Grok patterns & YAML grammar to analyse logs, a modern decoupled approach (detect here, remedy there) for Cloud/Containers/VM based infrastructures. Once detected you can remedy threats with various bouncers (block, 403, Captchas, etc.) and blocked IPs are shared among all users to further improve their security. Crowdsec is an open-source, lightweight software, detecting peers with aggressive behaviors. -
15
Laravel CSP
Set content security policy headers in a Laravel app
...Imagine one of your JavaScript dependencies sends all keystrokes, including passwords, to a third party website. It's very easy for someone to hide this malicious behaviour, making it nearly impossible for you to detect it (unless you manually read all the JavaScript code on your site). For a better idea of why you really need to set content security policy headers, read this excellent blog post by David Gilbertson. Setting Content Security Policy headers helps solve this problem. These headers dictate which sites your site is allowed to contact. ... -
16
ThreatMapper
Open source cloud native security observability platform
...It uncovers vulnerable software components, exposed secrets, and deviations from good security practices. ThreatMapper uses a combination of agent-based inspection and agent-less monitoring to provide the widest possible coverage to detect threats. ThreatMapper carries on the good 'shift left' security practices that you already employ in your development pipelines. It continues to monitor running applications against emerging software vulnerabilities and monitors the host and cloud configuration against industry-expert benchmarks. -
17
MemGuard
Secure software enclave for storage of sensitive information in memory
...Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage collector. Buffers that store plaintext data are fortified with guard pages and canary values to detect spurious accesses and overflows. The effort is taken to prevent sensitive data from touching the disk. This includes locking memory to prevent swapping and handling core dumps. Kernel-level immutability is implemented so that attempted modification of protected regions results in an access violation. -
18
OWASP Find Security Bugs
The SpotBugs plugin for security audits of Java web applications
The SpotBugs plugin for security audits of Java web applications. Find Security Bugs is the SpotBugs plugin for security audits of Java web applications. It can detect 141 different vulnerability types with over 823 unique API signatures. Cover popular frameworks including Spring-MVC, Struts, Tapestry and many more. Plugins are available for Eclipse, IntelliJ / Android Studio and NetBeans. Command line integration is available with Ant and Maven. Can be used with systems such as Jenkins and SonarQube. ... -
19
Flan Scan
A pretty sweet vulnerability scanner
Flan Scan is a lightweight open-source network vulnerability scanner designed to make it easy to detect exposed services, open ports, and associated vulnerabilities across IP ranges or network segments as part of security audit and compliance workflows. It is essentially a thin wrapper around the widely-used Nmap scanner, augmenting it with scripts and tooling that transform raw Nmap output into vulnerability-focused reports that map detected services to known CVEs, making results more actionable for administrators and auditors. ... -
20
ModSecurity Nginx Connector
ModSecurity v3 Nginx Connector
...It integrates WAF processing into the NGINX request/response phases, allowing rules to inspect headers, bodies, and even streaming request data before it reaches upstream apps. Operators can load the OWASP Core Rule Set or custom rules to detect and block common attacks such as SQLi, XSS, RCE patterns, and protocol anomalies. The module exposes directives for enabling audit logging, anomaly scoring, request body buffering limits, and performance tuning to fit high-traffic deployments. Because it’s a native NGINX module, it benefits from NGINX’s event-driven architecture and can be compiled as a dynamic module for flexible packaging. ... -
21
OSS-Fuzz
OSS-Fuzz - continuous fuzzing for open source software
OSS-Fuzz is a large-scale fuzz testing platform developed by Google to improve the security and reliability of widely used open source software. Fuzz testing is a proven method for uncovering programming errors such as buffer overflows and memory leaks, which can lead to severe security vulnerabilities. By leveraging guided in-process fuzzing, Google has already identified thousands of issues in projects like Chrome, and this initiative extends the same capabilities to the broader open... -
22
Rack::Attack
Rack middleware for blocking & throttling
...For the security of our users, we have a stricter throttle for login attempts. This makes it very time consuming for attackers to guess users’ passwords. We also use the IPCat ruby library to detect requests from well-known datacenters. Rack::Attack can also track requests without blocking them. We rely on Rack::Attack to let developers quickly track and throttle requests. It helps keep our site reliable, so we can spend more energy building better features. We’re glad to make it publicly available to the open-source community. -
23
Nikto
Web server vulnerability scanner for security assessments
Nikto is an open-source web server scanner that performs comprehensive tests to detect potentially dangerous files, outdated server software, and configuration issues. It’s widely used by penetration testers and security professionals for auditing web applications and infrastructure. Nikto supports multiple output formats and can integrate with other tools for automated scanning workflows. -
24
readpe
The PE file analysis toolkit
readpe (formerly known as pev) is a multiplatform toolkit to work with PE (Portable Executable) binaries. Its main goal is to provide feature-rich tools for properly analyze binaries with a strong focus on suspicious ones. -
25
Petoron-P2P-Messenger
minimalistic, secure and autonomous P2P messenger
Petoron P2P Messenger (P-P2P-M) Architecture: Pure P2P - no servers, no databases Key storage: Keys generated in memory, never stored, erased after use Metadata: Only IP and port exist during the session - everything else is encrypted & obfuscated Encryption: PQS v1.2 - PBKDF2-HMAC-SHA256 (200k), BLAKE2s-MAC, custom stream cipher + fake padding Authentication: BLAKE2s-MAC (16 bytes) - instant failure on any data change Packet obfuscation: --stealth mode - padding, hidden structures Connection: Direct peer-to-peer only Anonymity: No accounts, logins, or phone numbers Third-party access: Impossible without physical access to both peers during session History: No storage — all in RAM, wiped on close Message size: Limited only by RAM & MTU — no artificial limits External dependencies: None DPI/blocking resistance: Harder to detect, can be masked Autonomy: Fully offline until peers connect https://github.com/01alekseev/Petoron-P2P-Messenger
