Search Results for "scanning of checks"
Sort By:
Showing 37 open source projects for "scanning of checks"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Gemini 3 and 200+ AI Models on One PlatformBuild generative AI apps with Vertex AI. Switch between models without switching platforms.
-
1
kube-bench
Checks whether Kubernetes is deployed
kube-bench is a tool that checks whether Kubernetes is deployed securely by running the checks documented in the CIS Kubernetes Benchmark. Trivy, the all-in-one cloud-native security scanner, can be deployed as a Kubernetes Operator inside a cluster. Both, the Trivy CLI, and the Trivy Operator support CIS Kubernetes Benchmark scanning among several other features. -
2
nuclei
Fast and customizable vulnerability scanner based on simple YAML
Nuclei is used to send requests across targets based on a template, leading to zero false positives and providing fast scanning on a large number of hosts. Nuclei offers scanning for a variety of protocols, including TCP, DNS, HTTP, SSL, File, Whois, Websocket, Headless etc. With powerful and flexible templating, Nuclei can be used to model all kinds of security checks. We have a dedicated repository that houses various type of vulnerability templates contributed by more than 300 security researchers and engineers. ... -
3
discover
Automation framework for reconnaissance and penetration testing tasks
Discover is a collection of custom Bash scripts designed to automate many common tasks involved in penetration testing workflows. The project brings together a variety of security testing functions into a single framework that simplifies reconnaissance, scanning, and enumeration processes. It provides a menu-driven interface that allows security professionals to quickly launch different tools and scripts without manually executing each command. The framework helps streamline activities such... -
4
Tookie-OSINT
Username OSINT tool for discovering accounts across many websites
Tookie-OSINT is an open source intelligence tool designed to help security researchers, ethical hackers, and investigators discover online accounts associated with a specific username. It automates the process of searching for usernames across multiple websites, making it easier to identify a person's presence on different platforms. By entering a target username, Tookie-OSINT scans a list of supported sites and checks whether the username exists on those platforms. This approach removes the... -
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
5
User Scanner
Scan usernames and emails across many platforms from the CLI
user-scanner is a command-line OSINT tool designed to analyze the presence and availability of usernames and email addresses across many online platforms. It helps users quickly determine whether a specific username or email is already associated with accounts on social networks, developer platforms, creator communities, gaming services, and other sites. user-scanner is useful for security researchers, investigators, and analysts performing open source intelligence, as well as individuals or... -
6
tfsec
Security scanner for your Terraform code
Checks for misconfigurations across all major (and some minor) cloud providers. Applies (and embellishes) user-defined Rego policies. Supports multiple output formats: CLI, JSON, SARIF, CSV, CheckStyle, and JUnit. Configurable (via CLI flags and/or config file). Very fast, capable of quickly scanning huge repositories. Plugins for popular IDEs available (JetBrains, VSCode and Vim). -
7
Skill Scanner
Security Scanner for Agent Skills
This repository is a public security-focused scanning tool intended to analyze and assess AI agent skills for potential issues, quality concerns, and vulnerabilities. It acts as a scanner that inspects Agent Skills packages to flag structural problems, inconsistencies, or security flaws before they are deployed or integrated into agent workflows. Because agent skills can contain executable instructions and logic, scanning them for risky patterns is essential to prevent inadvertent exploitation when used by intelligent systems. ... -
8
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
reconFTW is an open source automated reconnaissance framework created for security researchers, penetration testers, and bug bounty hunters. The tool streamlines the reconnaissance phase of security assessments by orchestrating numerous specialized tools to gather intelligence about a target domain. It performs multiple discovery and analysis tasks such as subdomain enumeration, OSINT collection, and vulnerability scanning in an automated workflow. The framework integrates many external... -
9
holehe
Check if the mail is used on different sites
holehe is a Python-based OSINT utility designed to determine whether a specific email address is registered across a wide range of online services. The tool works by leveraging password-reset mechanisms and other public account-existence checks to infer whether an email is associated with accounts on major platforms. It supports more than a hundred websites and is commonly used during reconnaissance, digital investigations, and account exposure assessments. holehe is designed to operate... -
Powerful App Monitoring Without Surprise BillsTired of monitoring tools that punish you for scaling? AppSignal offers transparent, predictable pricing with every feature unlocked on every plan. Track errors, monitor performance, detect anomalies, and manage logs across Ruby, Python, Node.js, and more. Trusted by developers since 2012 with free dev-to-dev support. No credit card required to start your 30-day trial.
-
10
PrivescCheck
Privilege Escalation Enumeration Script for Windows
PrivescCheck is a local privilege escalation reconnaissance tool for Unix-like systems that automates common checks auditors and system owners run when looking for misconfigurations. It enumerates kernel versions, installed packages, SUID/SGID binaries, world-writable files and directories, services, cron jobs, and user/group permissions to highlight likely escalation paths. The output is organized and human-readable so operators can triage findings quickly—flagging high-risk items... -
11
Elkeid
Open source solution that can meet the requirements of workloads
Elkeid is an open-source platform for security and intrusion-detection that aims to support a wide variety of deployment contexts — from bare-metal hosts to containers, Kubernetes clusters, and even serverless environments. It was born out of ByteDance’s internal security best practices, offering for community users a subset of its enterprise-grade capabilities. Elkeid combines kernel-level data collection, user-space agents, and runtime instrumentation (RASP) to detect malicious behavior,... -
12
OSS Review Toolkit
A suite of tools to automate software compliance checks
OSS Review Toolkit (ORT) is a suite of tools designed to automate the process of reviewing and ensuring compliance of open-source software dependencies. It assists in analyzing project dependencies, scanning for license information, and evaluating compliance with customizable policies. ORT supports integration into CI/CD pipelines, making it a valuable asset for organizations aiming to maintain open-source compliance at scale. -
13
8mb.local
Ffree local self hosted video compressor webui
...The platform presents a simple yet informative web dashboard that dynamically updates with device statuses, IP addresses, and latency information, giving users a centralized view of network health without complex dashboards. It also includes basic tools such as ping monitoring, service reachability checks, and port scanning, enabling users to diagnose connection issues quickly and without external services. The emphasis is on minimalism and performance, so it runs efficiently on low-power devices like Raspberry Pis or small containers, making it ideal for home labs or edge deployments. 8mb.local can also notify users of offline devices or connection drops through configurable alerts, helping preempt outages before they become serious. -
14
Popeye
A Kubernetes cluster resource sanitizer
Popeye is a utility that scans live Kubernetes cluster and reports potential issues with deployed resources and configurations. It sanitizes your cluster based on what’s deployed and not what’s sitting on disk. By scanning your cluster, it detects misconfigurations and helps you to ensure that best practices are in place, thus preventing future headaches. It aims at reducing the cognitive overload one faces when operating a Kubernetes cluster in the wild. Furthermore, if your cluster employs... -
15
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability... -
16
MicroBurst
A collection of scripts for assessing Microsoft Azure security
MicroBurst is a PowerShell toolkit from NetSPI focused on assessing Microsoft Azure security by automating discovery, enumeration, and targeted auditing of cloud services and configurations. It bundles many functions to enumerate Azure resources (subscriptions, VMs, storage accounts, container registries, App Services and more), probe common misconfigurations, and harvest sensitive artifacts when available (for example storage blobs, keys, automation account credentials, and other... -
17
Th3inspector
Best Tool For Information Gathering
...It exposes a single command-line entrypoint (Th3inspector.pl) with many switches for common reconnaissance tasks — examples include website info, whois, MX lookup, geo-IP, subdomain discovery, CMS detection, port scanning, and Cloudflare real-IP resolution — so a user can chain many checks from one script. The project provides simple install wrappers for Linux, Android/Termux and even instructions for Windows (Perl + CPAN modules), and includes helper scripts to update or install dependencies automatically. The repository is actively packaged as versioned releases in the README (current noted version 1.9) and is distributed under an MIT license. -
18
socialscan
Scan platforms to check username and email account usage
Socialscan is an open source intelligence (OSINT) tool designed to check whether usernames or email addresses are associated with accounts on various online platforms. It allows users to quickly determine if a specific username or email address is already in use across multiple services, making it useful for security research, digital investigations, and account enumeration tasks. It focuses on accuracy by querying platform endpoints in a way that reliably detects whether a credential exists... -
19
Drive Health Analyzer - SSD/HDD Monitor
Monitor disk health, predict failures, track SSD/HDD SMART attributes
Drive Health Analyzer is a comprehensive disk monitoring solution designed to prevent data loss by tracking the health status of SSDs and HDDs. The software reads SMART attributes, monitors temperature, analyzes disk performance, and predicts potential drive failures before they occur. It supports all major storage types including NVMe, SATA, and IDE drives. Features real-time alerts, detailed health reports, and automatic background monitoring. The intuitive dashboard displays critical... -
20
Ghost of Death is an app to spoof your OS. It's meant to spoof scanning apps, like nmap or Metasploit. You must be admin/root. 2-28-26: Addressed a couple of bugs. Totally reworked Linux version. This app won't get a perfect match in the spoof, but it won't let them know your OS. 3-1-26: Tweaked on the Linux version some more. 3-2-26: That last Linux version was messed up, new one works, theoretically. 3-3-26: After much labor it's done. It has Windows, Mac and Android now. Windows...
-
21
LinkWarden Bot
Bot that uses various APIs to scan links inside any discord server.
This Discord bot, designed for personal and community use, enhances server security by scrutinizing links shared within Discord channels. It leverages the VirusTotal API, WHOIS lookups, and urlscan.io scans to provide comprehensive real-time analysis, helping maintain a safe online environment for members. -
22
Log4jScanner
A log4j vulnerability filesystem scanner and Go package
...Instead of probing networks, it walks directories and archives, including nested JARs, to find version fingerprints and risky classes associated with the Log4Shell family of issues. The focus on static analysis makes it suitable for container images, build artifacts, and offline systems where active scanning isn’t feasible. Clear, machine-readable output allows the tool to plug into CI/CD checks and fleet-wide inventory jobs. For responders, it reduces time-to-visibility by surfacing exactly which paths and bundles require patching or remediation. It’s a pragmatic addition to defense-in-depth programs that need verifiable evidence of exposure without deploying agents. -
23
Kubestriker
A Blazing fast Security Auditing tool for Kubernetes
Kubestriker is a platform-agnostic tool designed to tackle Kubernetes cluster security issues due to misconfigurations and will help strengthen the overall IT infrastructure of any organization. It performs numerous in-depth checks on a range of services and open ports well across more than one platform such as self-hosted kubernetes, Amazon EKS, Azure AKS, Google GKE etc., to identify any misconfigurations which make organizations an easy target for attackers. In addition, it helps safeguard against potential attacks on Kubernetes clusters by continuously scanning for anomalies. ... -
24
xiwtool
Wireless Network Scanning and Configuration for Linux Desktops
On Linux systems that have a wireless network interface, xiwtool can scan and view statistics for nearby Wireless Access Points, including automatic connections to public WAPs like those in coffee shops and libraries. Xiwtool has many internal features that provide reliable network scanning and management in crowded environments. Xiwtool also checks your your machine and notifies you if the system needs any drivers or networking tools to connect to nearby networks. The program can diagnose connection issues with WPA and WPA2 authenticated networks, and also has tools to evaluate legacy networks that use WEP encryption. -
25
TIDoS
Python web penetration testing framework with modular security tools
TIDoS-Framework is an open source web application penetration testing framework designed to assist security researchers and ethical hackers in identifying vulnerabilities in web systems. It provides a comprehensive environment for performing multiple phases of security assessment, including reconnaissance, scanning, enumeration, vulnerability analysis, and exploitation. Its modular architecture contains more than one hundred modules organized into several testing phases, allowing users to automate or manually run different security checks against a target application. The framework includes both graphical and command-line interfaces, enabling flexible interaction depending on the user’s workflow and preferred interface. ...
