Best Open Source security tools Libraries
A curated list of the most popular GitHub repositories tagged with security tools. Select any project to visualize its architecture and dive into the codebase using RepoMind's AI engine.
#1x64dbg/x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
#2KeygraphHQ/shannon
Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.
#3aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
#4Lissy93/web-check
🕵️♂️ All-in-one OSINT tool for analysing any website
#5gitleaks/gitleaks
Find secrets with Gitleaks 🔑
#6Infisical/infisical
Infisical is the open-source platform for secrets, certificates, and privileged access management.
#7trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
#8bee-san/RustScan
🤖 The Modern Port Scanner 🤖
#9fail2ban/fail2ban
Daemon to ban hosts that cause multiple authentication errors
#10smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
#11CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
#12wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
#13jason5ng32/MyIP
The best IP Toolbox. Easy to check what's your IPs, IP geolocation, check for DNS leaks, examine WebRTC connections, speed test, ping test, MTR test, check website availability, whois search and more! || 可能是最好用的IP工具箱。轻松检查你的 IP,IP 地理位置,检查DNS泄漏,检查 WebRTC 连接,速度测试,ping 测试,MTR测试,检查网站可用性,查询 Whois 信息等等。
#14vxcontrol/pentagi
✨ Fully autonomous AI Agents system capable of performing complex penetration testing tasks
#151N3/Sn1per
Attack Surface Management Platform
#16toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
#17securego/gosec
Go security checker
#18A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
#19Ullaakut/cameradar
Cameradar hacks its way into RTSP videosurveillance cameras
#20OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
#21e-m-b-a/emba
EMBA - The firmware security analyzer
#22aquasecurity/trivy-operator
Kubernetes-native security toolkit
#23lirantal/npq
safely install npm packages by auditing them pre-install stage
#24ossf/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
#25goshs-labs/goshs
Feature-rich single-binary file server for red teamers and developers. HTTP/S · WebDAV · FTP/SFTP · SMB · LDAP/S · NTLM hash capture · DNS/SMTP callbacks · TLS · Auth · Share links. A powerful python3 -m http.server replacement.
#26yaklang/yaklang
A programming language exclusively designed for cybersecurity
#27SecObserve/SecObserve
SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It supports a variety of open source vulnerability scanners and integrates easily into CI/CD pipelines.
#28rix4uni/medium-writeups
This repository updates latest Bug Bounty medium writeups every 10 minutes, https://readmedium.com/Medium_URL, https://archive.ph/Medium_URL, https://freedium.cfd/Medium_URL