Tags : Browse Projects

Select a tag to browse associated projects and drill deeper into the tag cloud.

Zed Attack Proxy

Compare

Claimed by Software Security Project Analyzed 1 day ago

The Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. It can help you automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Its also ... [More] a great tool for experienced pentesters to use for manual security testing. [Less]

1.18M lines of code

61 current contributors

3 days since last commit

43 users on Open Hub

Very High Activity
4.875
   
I Use This

Greenbone Vulnerability Management (GVM) Framework

Compare

  Analyzed 1 day ago

The Greenbone Vulnerability Management (GVM) is a framework of several services: - The Greenbone Vulnerability Manager (gvmd) is the central service that consolidates plain vulnerability scanning into a full vulnerability management solution. - The Greenbone Security Assistant (GSA) is the web ... [More] interface of GVM. - The main scanner OpenVAS Scanner is a full-featured scan engine that executes a continuously updated and extended feed of Network Vulnerability Tests (NVTs). - Complementary to the web interface, GVM-Tools allows batch processing / scripting via the Greenbone Management Protocol (GMP). [Less]

650K lines of code

32 current contributors

3 days since last commit

15 users on Open Hub

Very High Activity
4.28571
   
I Use This
Licenses: AGPL3_or_..., GNU_Gener..., gpl

SIRIOS

Compare

  No analysis available

A incident and advisory system for CERTs (Computer Emergency Response Teams). SIRIOS is based on the OTRS trouble ticket system that enables you to record your complete correspondence (e-mail, telephone etc.) without gaps. Thanks to the different modules of SIRIOS you can process your ... [More] CERT-specific information in a very structured manner (for example Advisories and Incidents). [Less]

0 lines of code

0 current contributors

0 since last commit

11 users on Open Hub

Activity Not Available
5.0
 
I Use This
Mostly written in language not available
Licenses: gpl

w3af

Compare

  Analyzed 1 day ago

w3af is a Web Application Attack and Audit Framework. The project goal is to create a framework to find and exploit web application vulnerabilities that is easy to use and extend. Actually w3af has more than 130 plugins, including SQL injection, Cross Site Scripting and unsafe scripts detection.

320K lines of code

14 current contributors

almost 4 years since last commit

9 users on Open Hub

Inactive
4.16667
   
I Use This

sqlmap

Compare

  Analyzed about 22 hours ago

66.2K lines of code

16 current contributors

25 days since last commit

6 users on Open Hub

Moderate Activity
5.0
 
I Use This
Licenses: No declared licenses

Arachni

Compare

  Analyzed 1 day ago

Arachni is a feature-full, modular, high-performance Ruby framework aimed towards helping penetration testers and administrators evaluate the security of web applications.

239K lines of code

0 current contributors

10 months since last commit

4 users on Open Hub

Very Low Activity
4.0
   
I Use This
Licenses: No declared licenses

OpenSCAP

Compare

  No analysis available

The OpenSCAP Project was created to provide an open-source framework to the community which enables integration with the Security Content Automation Protocol (SCAP) suite of standards and capabilities. It is the goal of OpenSCAP to provide a simple, easy to use set of interfaces to serve as the framework for community use of SCAP.

0 lines of code

20 current contributors

0 since last commit

3 users on Open Hub

Activity Not Available
0.0
 
I Use This
Mostly written in language not available
Licenses: lgpl21_or...

Lynis

Compare

Claimed by CISOfy Analyzed about 17 hours ago

Lynis is an auditing tool for systems running Linux, BSD, or other Unix derivatives. It performs a security scan and determines the hardening state of the machine. Any detected security issues will be provided in the form of a suggestion or warning. Beside security related information it will also ... [More] scan for general system information, installed packages, and possible configuration errors. This software assists with automated auditing, compliance audits (PCI DSS, HIPAA, etc), system hardening, software patch management, vulnerability detection, and malware scanning. It can be run without prior installation. Lynis is typically used by system administrators and security professionals. [Less]

20.4K lines of code

28 current contributors

10 days since last commit

3 users on Open Hub

Low Activity
5.0
 
I Use This

The Dradis Framework

Compare

  Analyzed about 1 hour ago

Dradis is an open source framework to enable effective information sharing, specially during security assessments. Our goals: Share the information effectively. Easy to use, easy to be adopted. Otherwise it would present little benefit over other systems. Flexible: with a powerful and simple ... [More] extensions interface. Small and portable. You should be able to use it while on site (no outside connectivity). It should be OS independent (no two testers use the same OS). Some of the features: Platform independent Easy report generation: in Word, HTML, etc. Markup support for the notes: styles, images, links, etc. Integration with existing systems and tools: Burp Scanner, Metasploit, Nessus, NeXpose, Nikto, Nmap, OpenVAS, OSVDB, SureCheck, Vuln::DB, w3af, wXf [Less]

16.7K lines of code

0 current contributors

9 days since last commit

2 users on Open Hub

Very Low Activity
4.0
   
I Use This

modSIC

Compare

  Analyzed about 9 hours ago

Modulo's Open Distributed SCAP Infrastructure Collector, or modSIC, makes it easier for security analysts to scan an environment vulnerabilities based on OVAL-Definitions. It's an open-source service specialized in distributed network assessments. This initiative aims at providing a common ... [More] platform for collecting security data, making it easier for solutions to automate policy compliance, audits, risk assessments, and more, using the industry-standard Security Content Automation Protocol (SCAP). [Less]

390K lines of code

0 current contributors

almost 7 years since last commit

2 users on Open Hub

Inactive
5.0
 
I Use This