Search Results for "tiny-workflow"
Sort By:
Showing 66 open source projects for "tiny-workflow"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
1
PentestGPT
Automated Penetration Testing Agentic Framework Powered by LLMs
PentestGPT is an AI-powered autonomous penetration testing agent designed to perform intelligent, end-to-end security assessments using large language models. Published at USENIX Security 2024, it combines advanced reasoning with an agentic workflow to automate tasks traditionally handled by human pentesters. The platform supports multiple penetration testing categories, including web security, cryptography, reversing, forensics, privilege escalation, and binary exploitation. PentestGPT runs in a Docker-first environment, providing a secure, reproducible setup with built-in tooling and session persistence. ... -
2
nuclei
Fast and customizable vulnerability scanner based on simple YAML
...Nuclei-Templates project provides a community-contributed list of ready-to-use templates that is constantly updated. You may still use the update-templates flag to update the nuclei templates at any time; You can write your own checks for your individual workflow and needs following Nuclei's templating guide. -
3
Shannon
Fully autonomous AI hacker to find actual exploits in your web apps
...The project blends source-aware analysis with automated web interaction so it can validate issues like injection flaws, authentication bypasses, and other exploitable paths in a way that resembles an actual attacker’s workflow. Instead of requiring you to manually reproduce findings, Shannon is designed to produce actionable evidence that a weakness can be weaponized, which helps teams prioritize what truly matters. It positions itself as a pre-attacker safety net, aiming to break your web app before someone else does and thereby reduce the gap between “potentially vulnerable” and “confirmed exploitable.” -
4
helm-secrets
A helm plugin that help manage secrets with Git workflow
A helm plugin that help manage secrets with Git workflow and store them anywhere. -
$300 in Free Credit Towards Top Cloud ServicesStart your project in minutes. After credits run out, 20+ products include free monthly usage. Only pay when you're ready to scale.
-
5
Raccoon
High-performance reconnaissance and vulnerability scanning tool
...It automates several common reconnaissance tasks, allowing security professionals to quickly gather information about a target system or web application. The tool combines multiple scanning techniques into a single workflow, helping users identify potential weaknesses, exposed services, and accessible resources on a target host. Raccoon can perform DNS enumeration, subdomain discovery, and URL fuzzing to uncover hidden endpoints and infrastructure components. It also integrates network scanning capabilities through tools such as Nmap to detect open ports, services, and potential vulnerabilities. ... -
6
OSINT Framework
OSINT Framework
...Its value lies in curation and discoverability, allowing users to pivot rapidly between relevant intelligence tools during investigations. The framework includes indicators showing whether a resource requires registration, manual editing, or local installation, improving workflow planning. -
7
Flipper Zero Firmware
Flipper Zero firmware source code
...It loves hacking digital stuff, such as radio protocols, access control systems, hardware, and more. It's fully open-source and customizable, so you can extend it in whatever way you like. Flipper Zero is a tiny piece of hardware with a curious personality of a cyber-dolphin. It can interact with digital systems in real life and grow while you use it. Explore any kind of access control system, RFID, radio protocols, and debug hardware using GPIO pins. The idea of Flipper Zero is to combine all the hardware tools you'd need for exploration and development on the go. ... -
8
FLARE VM
A collection of software installations scripts for Windows systems
...The environment configures paths, dependencies, environment variables, and common tool integrations so analysts can focus on tasks rather than setup. Updates and modular installation let users include only the tools that match their workflow, keeping the VM lean and current. Because security toolchains often clash (DLL versions, signing, privileges), FLARE VM’s packaging handles compatibility issues ahead of time. For investigations involving malware unpacking, sandboxing, static analysis, or code reversing on Windows, the platform dramatically accelerates readiness and consistency across analysts. -
9
ScubaGear
Automation to assess the state of your M365 tenant against CISA
ScubaGear is a PowerShell-based assessment tool developed by CISA to verify that Microsoft 365 tenant configuration aligns with Secure Cloud Business Application (SCuBA) baselines. It automates scanning of M365 environments like Exchange, Defender, Teams, and SharePoint, and outputs compliance reports to help administrators align with best practice security configurations. -
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
10
secator
Automated framework for running pentesting tools and workflows
Secator is a task and workflow runner designed to streamline security assessments by integrating many well-known penetration testing and reconnaissance tools into a unified framework. It acts as a centralized automation platform that helps security professionals run tasks, workflows, and scans more efficiently from a single command-line interface. It supports dozens of established security tools and organizes them into structured workflows, enabling users to perform complex reconnaissance and vulnerability discovery processes with minimal manual effort. ... -
11
Wiki.js
A modern and powerful wiki app built on Node.js
...You'll be ready to go within minutes! Step-by-step install guides are available for all platforms. Make your wiki public, completely private, or a mix of both. Whether it's on a tiny Raspberry Pi or on a high-performance VM in the cloud, Wiki.js intelligently makes use of the available resources. Built-in authentication with self-registration and password recovery capabilities. Use 3rd-party authentication services like Google, Facebook, Microsoft, GitHub, Discord, Slack and more. Add an extra layer of security using two-factor authentication for supported authentication modules. -
12
Passbolt API
Passbolt Community Edition (CE) API
...It allows users to securely store and share passwords using end-to-end encryption. Passbolt is self-hosted, offering full control over data and enhanced security. It integrates seamlessly into the workflow, allowing team members to access shared credentials while maintaining robust security practices. -
13
authentik
The authentication glue you need
authentik is an open-source Identity Provider that emphasizes flexibility and versatility. It can be seamlessly integrated into existing environments to support new protocols. authentik is also a great solution for implementing sign-up, recovery, and other similar features in your application, saving you the hassle of dealing with them. authentik is an open-source Identity Provider focused on flexibility and versatility. You can use authentik in an existing environment to add support for new... -
14
tirith
Your browser catches homograph attacks
Tirith is a terminal security guardrail that inspects what you paste or run in your shell and blocks or warns on suspicious patterns before execution, addressing an area where terminals traditionally provide almost no protection. It targets real-world attack classes like Unicode homograph URLs (lookalike domains), terminal injection tricks (ANSI escape sequences and bidi overrides), and “pipe-to-shell” installation patterns such as curl | bash that attackers frequently abuse. The project... -
15
Inventory
Asset inventory dataset for public bug bounty program targets
Trickest Inventory is an open source dataset and workflow collection designed to provide an extensive asset inventory for public bug bounty programs. The repository tracks and organizes security-relevant assets for more than 800 companies participating in public vulnerability disclosure and bug bounty initiatives. It collects information such as DNS records and web server data, helping security researchers better understand the attack surface of these programs. -
16
deepsec
Deepsec is a security harness for finding vulnerabilities
deepsec is an agent-powered security harness for finding vulnerabilities in large codebases. It is designed to run on the user’s own infrastructure, using coding agents to perform deep, project-aware security review rather than only basic pattern matching. The tool initializes a project-specific security context, scans code in batches, processes findings, and can optionally revalidate results to reduce false positives. For large repositories, it supports parallel work across worker machines... -
17
transcrypt git
transparently encrypt files within a git repository
...The process will degrade gracefully, so even people without your encryption password can safely commit changes to the repository's non-encrypted files. transcrypt protects your data when it's pushed to remotes that you may not directly control (e.g., GitHub, Dropbox clones, etc.), while still allowing you to work normally on your local working copy. You can conveniently store things like passwords and private keys within your repository and not have to share them with your entire team or complicate your workflow. transcrypt is in the same vein as existing projects like git-crypt and git-encrypt, which follow Git's documentation regarding the use of clean/smudge filters for encryption. -
18
Microsoft Defender for Cloud
Welcome to the Microsoft Defender for Cloud community repository
Microsoft Defender for Cloud (the community repository) is a centralized collection of programmatic automations, policy definitions, remediation scripts, and visualization workbooks designed to help organizations manage and operationalize Microsoft Defender for Cloud at scale. It packages ready-to-use Azure Policy definitions, Logic App templates, PowerShell automation, remediation actions, and custom workbooks so teams can deploy detections, enforce security posture, and automate responses... -
19
Kubescape
Kubescape is an open-source Kubernetes security platform for your IDE
An open-source Kubernetes security platform for your clusters, CI/CD pipelines, and IDE that seperates out the security signal from the scanner noise. Kubescape is an open-source Kubernetes security platform, built for use in your day-to-day workflow, by fitting into your clusters, CI/CD pipelines and IDE. It serves as a one-stop-shop for Kubernetes security and includes vulnerability and misconfiguration scanning. You can run scans via the CLI, or add the Kubescape Helm chart, which gives an in-depth view of what is going on in the cluster. Kubescape includes misconfiguration and vulnerability scanning as well as risk analysis and security compliance indicators. ... -
20
Leapp
Leapp is the DevTool to access your cloud
Let Leapp manage your Cloud credentials locally. Improve your workflow with the only open-source desktop app and CLI you’ll ever need. Your all-in-one solution to assign IAM Cloud access across teams. Cloud credentials are available with a click. Data stored locally encrypted in your System Vault. Work with your Cloud Identities from a single place. Automatic temporary Cloud credentials generation and rotation. -
21
BitVisor is a tiny hypervisor initially designed for mediating I/O access from a single guest OS. Its implementation is mature enough to run Windows and Linux, and can be used as a generic platform for various research and development projects.
-
22
Digital Signer (a PDF Signing software)
Digital Signature & eSigning software. Bulk PDF signing. Sign all Page
Digital Signer is a powerful and user-friendly software designed to secure and sign your digital documents with ease. Ideal for Tender filling, individuals, businesses, and professionals, this software ensures that your sensitive documents are protected from unauthorized editing and tampering, maintaining their integrity and authenticity. Key Features Sign PDFs with Hardware Devices: Ensuring the highest level of security. Digital Signature Certificates (DSC): Apply digital... -
23
INVISIX
INVISIX.IO - Corporate-grade privacy solution, out of the box.
🚫 One tiny box. Infinite freedom. Network-wide AdBlocker and TrackerBlocker. 💼 Secure free VPN through your office or home network — remote traffic enjoys the same AdBlock protection. 🏆 Designed for corporations, freelancers, and small companies. Simple enough for home users due to its reduced price. -
24
Textcryption
Tiny application which allows encrypting basic text.
Application which allows encrypting text. It is encrypted using own libraries. I think it is a very strong way to encrypt, specially if the text has more than 1 KB. The application reads encrypted bytes from disk, and writes encyrpted bytes to disk, so it never is saved in the hard disk decrypted. JDK-17 compatibility. You will find more about it at this web site: https://www.frojasg1.com:8443/downloads_web/web/html/encriptadorDeTexto.html?origin=sourceforge -
25
PLD
irreversible cryptographic file wiper
Petoron Local Destroyer (PLD) Features: 10-pass default cryptographic overwrite (customizable) Argon2id + AES-CFB entropy stream per session No logs, no caching, no backups Full CLI control (purge, wipe) Clean TRASH/workflow If you want your files to truly disappear — not just be deleted - PLD is the tool. https://github.com/01alekseev/PLD
