Search Results for "sonar-scanner"
Sort By:
Showing 88 open source projects for "sonar-scanner"
View related business solutions-
Boost application security and continuity with SKUDONET ADC, our Open Source Load Balancer, that maximizes IT infrastructure flexibility. Additionally, save up to $470 K per incident with AI and SKUDONET solutions, further enhancing your organization’s risk management and cost-efficiency strategies.
-
HubSpot is an AI-powered customer platform with all the software, integrations, and resources you need to connect your marketing, sales, and customer service. HubSpot's connected platform enables you to grow your business faster by focusing on what matters most: your customers.
-
1
InQL Scanner
A Burp Extension for GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. Since version 1.0.0 of the tool, InQL was extended to operate within Burp Suite. In this mode, the tool will retain all the stand-alone script capabilities and add a handy user interface for manipulating queries. Search for known GraphQL URL paths; the tool will grep and match known values to detect GraphQL endpoints within the target... -
2
theHarvester
E-mails, subdomains and names
theHarvester is a very simple to use, yet powerful and effective tool designed to be used in the early stages of a penetration test or red team engagement. Use it for open source intelligence (OSINT) gathering to help determine a company's external threat landscape on the internet. The tool gathers emails, names, subdomains, IPs and URLs using multiple public data sources. -
3
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security... -
4
RustScan
The Modern Port Scanner
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Scans all 65k ports in 3 seconds. Full scripting engine support. Automatically pipe results into Nmap, or use our scripts (or write your own) to do whatever you want. Adaptive learning. RustScan improves the more you use it. No bloated machine learning here, just basic maths. The usuals you would expect. IPv6, CIDR, file input and more. Automatically... -
Red Hat Enterprise Linux (RHEL) on Microsoft Azure provides a secure, reliable, and flexible foundation for your cloud infrastructure. Red Hat Enterprise Linux on Microsoft Azure is ideal for enterprises seeking to enhance their cloud environment with seamless integration, consistent performance, and comprehensive support.
-
5
syft
CLI tool and library for generating a Software Bill of Materials
CLI tool and library for generating a Software Bill of Materials from container images and filesystems. syft is a CLI tool and Go library for generating a Software Bill of Materials (SBOM) from container images and filesystems. Exceptional for vulnerability detection when used with a scanner like Grype. Generates SBOMs for container images, filesystems, archives, and more to discover packages and libraries. Supports OCI, Docker and Singularity image formats. Linux distribution identification... -
6
grype
A vulnerability scanner for container images and filesystems
A vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems. Scan the contents of a container image or filesystem to find known vulnerabilities. Find vulnerabilities for major operating system packages. Find vulnerabilities for language-specific packages. You can also choose another destination directory and release version for the installation... -
7
SecretScanner
Find secrets and passwords in container images and file systems
Deepfence SecretScanner can find unprotected secrets in container images or file systems. Secrets are any kind of sensitive or private data that gives authorized users permission to access critical IT infrastructure (such as accounts, devices, networks, cloud based services), applications, storage, databases, and other kinds of critical data for an organization. For example, passwords, AWS access IDs, AWS secret access keys, Google OAuth Key etc. are secrets. Secrets should be strictly kept... -
8
Brakeman
A static analysis security vulnerability scanner for Ruby on Rails app
Brakeman is a free vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Brakeman now uses the parallel gem to read and parse files in parallel. By default, parallel will split the reading/parsing into a number of separate processes based on number of CPUs. In testing, this has dramatically improved speed for large code bases, around 35% reduction in overall scan time... -
9
Coraza
OWASP Coraza WAF is a golang modsecurity compatible firewall library
..., including the OWASP Top Ten, with a minimum of false alerts. CRS protects from many common attack categories including: SQL Injection (SQLi), Cross Site Scripting (XSS), PHP & Java Code Injection, HTTPoxy, Shellshock, Scripting/Scanner/Bot Detection & Metadata & Error Leakages. Coraza is a library at its core, with many integrations to deploy on-premise Web Application Firewall instances. -
ConnectWise CPQ, formerly ConnectWise Sell, is a professional quote and proposal automation software for IT solution providers. ConnectWise CPQ offers a wide range of tools that enables IT solution providers to save time, quote more, and win big. Top features include professional quote or proposal templates, product catalog and sourcing, workflow automation, sales reporting, and integrations with best-in-breed solutions like Cisco, Dell, HP, and Salesforce.
-
10
Retire.js
Scanner detecting the use of JavaScript libraries
There is a plethora of JavaScript libraries for use on the web and in node.js apps out there. This greatly simplifies, but we need to stay updated on security fixes. "Using Components with Known Vulnerabilities" is now a part of the OWASP Top 10 and insecure libraries can pose a huge risk for your web app. The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules.... -
11
nodejsscan
nodejsscan is a static security code scanner for Node.js applications
Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications. -
12
Tsunami
Network security scanner for detecting severity vulnerabilities
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence. When security vulnerabilities or misconfigurations are actively exploited by attackers, organizations need to react quickly in order to protect potentially vulnerable assets. As attackers increasingly invest in automation, the time window to react to a newly released, high severity vulnerability is usually measured in hours. This poses... -
13
Sippts
Set of tools to audit SIP based VoIP Systems
... is a set of tools to audit VoIP servers and devices using SIP protocol. Sipscan is a fast scanner for SIP services that uses multithread. Sipscan can check several IPs and port ranges and it can work over UDP or TCP. Sipexten identifies extensions on a SIP server. Also tells you if the extension line requires authentication or not. Sipexten can check several IPs and port ranges. -
14
ThreatMapper
Open source cloud native security observability platform
Thousands of companies trust Deepfence to secure their most critical cloud workloads and applications with a unified platform. Experience rapid threat detection and remediation, while significantly reducing non-critical security alerts by 90%. Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk of exploit. It uncovers vulnerable software components, exposed secrets, and deviations from good security practices. ThreatMapper uses a... -
15
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
An open-source Kubernetes security platform for your clusters, CI/CD pipelines, and IDE that seperates out the security signal from the scanner noise. Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. You can run scans via the CLI, or add the Kubescape Helm chart, which gives... -
16
Angry IP Scanner
A cross-platform network scanner that is fast and simple to use
Angry IP scanner is fast and friendly network scanner for Windows, Linux, and Mac. It is very extensible, allowing it to be used for very wide range of purposes, with the primary goal of being useful to network administrators. -
17
Antivirus Live CD
4MLinux fork including ClamAV scanner
Antivirus Live CD is an official 4MLinux fork including the ClamAV scanner. It's designed for users who need a lightweight live CD, which will help them to protect their computers against viruses. Ethernet, WiFi, PPP and PPPoE are supported by Antivirus Live CD to enable automatic updates of its virus signature databases. All partitions are mounted during the boot process so that they can be scanned by ClamAV. The Antivirus Live CD ISO images are fully compatible with UNetbootin, which can... -
18
Wapiti
Wapiti is a web-application vulnerability scanner
Wapiti is a vulnerability scanner for web applications. It currently search vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, XXE injections, CRLF injections, Server Side Request Forgery, Open Redirects... It use the Python 3 programming language. -
19
Raspirus
A simple hash-based virus-scanner
Introducing Raspirus, an innovative application designed to address the security concerns of working on offline computers without antivirus protection, particularly those shared among multiple users who frequently utilize personal USB devices for file transfers. By leveraging the power of Raspberry Pi, as well as Windows and other Linux systems, Raspirus provides a comprehensive solution. Through file scanning functionality, Raspirus intelligently examines each file on the USB key,... -
20
SecurityInfinity Cybersecurity
Secure your website in 10 minutes in one click.
Secure your website in 10 minutes in one click. AI enabled cybersecurity suite for vulnerability assessment and realtime analytics. Assess your website, cloud platform and identify vulnerabilities now. -
21
LabMACOSX: Is a laboratory of applications written in Applescript language. Brutosx is brutus.pl remote login and password bruteforce cracker inserted inside the application Brutosx (need only of Net::Telnet Perl module are required get them at CPAN, while the list of users and passwords, and the service is inserted inside the application). SSHOSX is ssh application client to establish an ssh connection from client to server, Nmaposx is nmap port scanner invoked from the application Nmaposx...
-
22
SafeUtils
110+ developer tools as native MacOS, Linux & Windows desktop apps.
Tools: https://safeutils.com/barcode-generator https://safeutils.com/color-picker https://safeutils.com/qr-code-generator https://safeutils.com/qr-code-scanner https://safeutils.com/word-counter https://safeutils.com/base-64-decoder https://safeutils.com/diff-checker https://safeutils.com/hex-to-ascii https://safeutils.com/json-formatter https://safeutils.com/lorem-ipsum-generator https://safeutils.com/random-generator https://safeutils.com/time-converter https://safeutils.com... -
23
Sn3rpOs_v7.21: CoNt4g1N
TinFoilSec Presents: Sn3rpOs_v7.21 (CoNt4g1N)
*Updated 11/05/2021 TinfoilSec Presents: Sn3rpOs [Codename: CoNt4g1N] Features: Xfce4 Desktop Kali Linux Full System Torified with Privoxy & Tor bleachbit Wire Signal Veracrypt All repos transported through Privoxy&Tor dnscrypt-proxy (no-logs) Tor Browser Custom Tor Switcher and Pyloris Firefox-esr (configured with tor) Thunderbird ProtonVPN (Free VPN no-logs) Sn1per Vault Scanner RED_HAWK Fork of Kali Rolling, Debian Stretch/Buster -No Back Doors- Now with UEFI boot... -
24
Vision nmap's CPE to CVE conversor
Nmap's XML result parse and NVD's CPE correlation to search CVE.
Nmap's XML result parse and NVD's CPE correlation to search CVE. https://github.com/CoolerVoid/Vision2 -
25
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release...