A static analysis security vulnerability scanner for Ruby on Rails applications
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites....
Manages application of security headers with many safe defaults
Web Application Security Scanner Framework
Authorization service and frontend for Docker registry (v2)
Next generation web scanner
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results...
InSpec: Auditing and Testing Framework
Checklist of security precautions for Ruby on Rails applications.
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)...
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Discover Your Attack Surface!
🏆Core Infrastructure Initiative Best Practices Badge
A Ruby framework designed to aid in the penetration testing of WordPress systems.
:honey_pot: Unobtrusive and flexible spam protection for Rails apps
An enterprise security extension for devise, trying to meet industrial standard security demands for web applications....
Application template for Rails 6 projects; preloaded with best practices for TDD, security, deployment, and developer productivity....
Dawn is a static analysis security scanner for ruby written web applications. It supports Sinatra, Padrino and Ruby on Rails frameworks....
DevSec Linux Baseline - InSpec Profile
Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem
Visualize your aws security groups.
Dradis Framework: Colllaboration and reporting for IT Security teams
Rails 4.1 starter app with production ready performance, security, and authentication.
Application Security Automation
Vulnerability scanner using Nmap for scanning and correlating found CPEs with CVEs.
This chef cookbook provides numerous security-related configurations, providing all-round base protection....
Data analysis and OSINT framework for Twitter
CIS Docker Benchmark - InSpec Profile
Comfortable (seriously) white-list security restrictions for models on a field level
Linting tool for CloudFormation templates
Patch-level verification for Bundler
A security extension for devise, meeting industrial standard security demands for web applications.
Kubernetes RBAC static Analysis & visualisation tool
(deprecated) Android application vulnerability analysis and Android pentest tool
Simple role based security for restful_authentication
I am no longer involved in this project. If you are interested in becoming the new maintainer and making it...
API Fuzzer which allows to fuzz request attributes using common pentesting techniques and lists vulnerabilities...
🔐 PasswordPusher is an application to securely communicate passwords over the web. Passwords automatically expire after a certain number of views and/or time has...
Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata....