Search Results for "issues"
Sort By:
Showing 17 open source projects for "issues"
View related business solutions-
Stop Cyber Threats with VM-Series Next-Gen Firewall on AzureGain integrated visibility across all traffic in a single pass. Deploy Palo Alto Networks VM-Series to determine application identity and content while automating security policy updates via rich APIs.
-
Stop vibe-debugging.AppSignal's MCP server hands Claude, Cursor, or Zed your real errors, traces, and the deploy that shipped them. AI writes the fix; you review the diff.
-
1
OSS-Fuzz
OSS-Fuzz - continuous fuzzing for open source software
...Fuzz testing is a proven method for uncovering programming errors such as buffer overflows and memory leaks, which can lead to severe security vulnerabilities. By leveraging guided in-process fuzzing, Google has already identified thousands of issues in projects like Chrome, and this initiative extends the same capabilities to the broader open source community. OSS-Fuzz integrates modern fuzzing engines with sanitizers and runs them at scale in a distributed environment, providing automated testing and continuous monitoring. The platform supports multiple programming languages including C/C++, Rust, Go, Python, Java/JVM, and JavaScript, ensuring wide coverage across critical open source projects. -
2
SkillSpector
Security scanner for AI agent skills
...The project focuses on detecting vulnerabilities, malicious behavior, and risky patterns that may be hidden inside skill files. It combines fast static checks with optional LLM-based semantic review for issues that require deeper intent analysis. It supports several input types, including Git repositories, URLs, zip files, folders, and individual files. It also produces practical reports with risk scores, severity labels, and recommendations that make security reviews easier to act on. -
3
ClusterFuzz
Scalable fuzzing infrastructure
ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz. ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process. Can run on any size cluster (e.g. OSS-Fuzz instance runs on 100,000 VMs). Fully automatic bug filing, triage and closing for various issue trackers (e.g. -
4
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
...Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release using pip3 install sipvicious or follow the instructions for further options. Available on any platform that supports Python 3. Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness. The next generation is SIPVicious PRO, a complete new code base and overhaul of the concepts found in SIPVicious OSS. ... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
Defending Code Reference Harness
Skills for threat modeling, scanning, triage, patching, etc.
Defending Code Reference Harness is a reference implementation for autonomous vulnerability discovery and remediation with Claude. It is designed for security teams that want a structured way to test, triage, and patch software issues with agent support. The project includes skills for threat modeling, scanning, triage, patching, and customizable autonomous analysis workflows. Its default pipeline focuses on finding memory bugs in C and C++ code using ASAN as the crash detector. The overall architecture is meant to be adaptable, so teams can modify it for other languages, bug classes, and detection systems. ... -
6
Mantis
Automated framework for asset discovery and vulnerability scanning
Mantis is an open source security framework designed to automate the workflow of asset discovery, reconnaissance, and vulnerability scanning for organizations and security teams. Mantis operates through a command line interface and accepts targets such as top level domains, IP addresses, or network ranges as input. From these inputs, it automatically discovers associated digital assets including subdomains and SSL certificates, allowing users to map the attack surface of a system. After... -
7
Cloud Custodian
Rules engine for cloud security, cost optimization, and governance
...It consolidates many of the ad-hoc scripts organizations have into a lightweight and flexible tool, with unified metrics and reporting. Custodian supports managing AWS, Azure, and GCP public cloud environments. Besides just providing reports of issues, Custodian can actively enforce the security policies you define. Setup off-hours to save you money, by turning-off resources when they're not being used. Garbage collects unused resources by looking into utilization metrics. Custodian can be run locally, on an instance, or Serverless in AWS Lambda. Cloud Custodian is open source and free for everyone to use. ... -
8
CacheGuard Gateway
Free UTM appliance: firewall, VPN, WAF and antivirus in one ISO.
...CacheGuard is a free open-source network security appliance for startups and growing businesses that need serious protection without the complexity. Install CacheGuard-OS on any x86 machine or VM and get a complete security gateway in under an hour. No plug-ins, no compatibility issues. Everything works out of the box. CacheGuard-OS is not an app, it IS the OS. A fully custom network appliance operating system built from scratch over 20 years, now fully open source. One ISO includes: firewall, VPN, web antivirus, URL filtering, SSL inspection, WAF, reverse proxy, load balancer and QoS. Free for any number of users. ... -
9
MrFish
A anti-phishing Python script with headers and proxies!
MrFish is a powerful tool designed to automate the creation of fake account submissions for phishing tests and vulnerability assessments. With the ability to generate random usernames, passwords, and even credit card data, it simulates real user behavior to help test the security of online forms. Featuring customizable settings for proxy support, user inputs (email or username), and multiple threads for speed, MrFish provides an efficient way to stress-test web servers and form-handling... -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
10
paramspider
Mine parameterized URLs from web archives for security testing
...Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
11
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. -
12
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
...In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
13
MozDef
MozDef: Mozilla Enterprise Defense Platform
MozDef aims to bring real-time incident response and investigation to the defensive toolkits of security operations groups in the same way that Metasploit, LAIR, and Armitage have revolutionized the capabilities of attackers. We use MozDef to ingest security events, alert us to security issues, investigate suspicious activities, handle security incidents, and visualize and categorize threat actors. The real-time capabilities allow our security personnel all over the world to work collaboratively even though we may not sit in the same room together and see changes as they occur. The integration plugins allow us to have the system automatically respond to attacks in a preplanned fashion to mitigate threats as they occur. -
14
This project automates the reporting of improper Internet use by the X-ARF format. The two schemas specified abuse_login-attack and abuse_malware are currently implemented. Fixing a Bug and the Date / Timestamp issues. Now it should work fine :)
-
15
A simple keylogger written in python. It is primarily designed for backup purposes, but can be used as a stealth keylogger, too. It does not raise any trust issues, since it is a set of [relatively] short python scripts that you can easily examine.
-
16
Hoppy the {H}ttp {O}tions {P}rober in {PY}thon checks the availability of http methods on a specified server. It will probe these methods to see if they are active and in some cases disclose configuration issues leaking system information
-
17
Security Advisor is a program designed to analyze and report security issues beyond application vulnerabilities. The program will analyze system and network configurations to recommend ways for improving security.
- Previous
- You're on page 1
- Next
