Loading...

Popular Free Commercial Categories Tasks Blog

CybersecTools

Explore the largest curated directory of cybersecurity tools and resources to enhance your security practices. Find the right solution for your domain.

Operated by:

Mandos Cyber • KVK: 97994448

Netherlands • contact@mandos.io

VAT: NL005301434B12

Copyright © 2025 - All rights reserved

LINKS

LEGAL

Terms of services Privacy policy

Security Audit

Explore 69 curated tools and resources

Search by name, description, or purpose... (⌘+K)

Home
Tasks
Security Audit

PINNED

Promoted • 6 tools

Commercial

Data Protection

Commercial

Network Security

Commercial

Consulting

Commercial

Application Security

Commercial

Cloud Security

Commercial

Application Security

Want your tool featured here?

Get maximum visibility with pinned placement

LATEST ADDITIONS

Entersoft Web Application Security
A comprehensive application security service provider offering manual penetration testing, vulnerability assessment, and security solutions across various industries.
0
Commercial
Application Security
Application Security
Penetration Testing
Vulnerability Assessment
Web App Security
Security Testing
Compliance
Security Audit
Vapt
Security Assessment
Web Security
Entersoft Web Application Security
A comprehensive application security service provider offering manual penetration testing, vulnerability assessment, and security solutions across various industries.
0
Commercial
Application Security
Application Security
Penetration Testing
Vulnerability Assessment
+7
audius Security and Audit Services
A comprehensive cybersecurity consulting service offering security assessments, risk analysis, and implementation of tailored information security management systems for organizations.
0
Commercial
Consulting
Security Audit
Risk Assessment
Security Assessment
Compliance
Isms
Cloud Security
Security Consulting
Security Framework
Security Strategy
Security Posture Assessment
audius Security and Audit Services
A comprehensive cybersecurity consulting service offering security assessments, risk analysis, and implementation of tailored information security management systems for organizations.
0
Commercial
Consulting
Security Audit
Risk Assessment
Security Assessment
+7
weSecretFinder
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
0
Free
Offensive Security
Security Scanning
Python
Offensive Security
Security Audit
Security Tools
Penetration Testing
Security Automation
Sensitive Data
Security Assessment
weSecretFinder
A Python script that scans file systems to identify hardcoded credentials, API keys, and other sensitive secrets using configurable regex patterns.
0
Free
Offensive Security
Security Scanning
Python
Offensive Security
+6
CMMC Resources
A compliance management platform that simplifies CMMC Level 1 certification for defense contractors through guided workflows, policy templates, and evidence management tools.
0
Commercial
GRC
Compliance
Security Framework
Policy
Governance
Security Standards
Security Assessment
Risk Management
Security Audit
Documentation
Security Compliance Training
CMMC Resources
A compliance management platform that simplifies CMMC Level 1 certification for defense contractors through guided workflows, policy templates, and evidence management tools.
0
Commercial
GRC
Compliance
Security Framework
Policy
+7
Network Intelligence
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
0
Commercial
Security Operations
Security Operations
Compliance
Security Assessment
Vulnerability Management
Penetration Testing
Security Audit
Cybersecurity
Grc
Ai Security
Security Training
Network Intelligence
Network Intelligence is a cybersecurity services provider offering comprehensive security solutions through their ADVISE framework, including detection and response, compliance, data privacy, and secure digital transformation services across multiple industries.
0
Commercial
Security Operations
Security Operations
Compliance
Security Assessment
+7
NxSAM
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
0
Commercial
Vulnerability Management
Vulnerability Management
Security Audit
Compliance
Risk Management
Security Automation
Security Operations
Auditing
Security Monitoring
Reporting
Dashboard
NxSAM
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
0
Commercial
Vulnerability Management
Vulnerability Management
Security Audit
Compliance
+7
ScubaGear
ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.
0
Free
Cloud Security
Cloud Security
Microsoft 365
Compliance
Security Assessment
Powershell
Configuration Management
Cloud Compliance
Security Audit
Microsoft
Office 365
ScubaGear
ScubaGear is a PowerShell-based assessment tool that evaluates Microsoft 365 tenant configurations against CISA security baselines using Open Policy Agent and generates compliance reports.
0
Free
Cloud Security
Cloud Security
Microsoft 365
Compliance
+7
Securden Unified PAM
A powerful tool that enables organizations to discover, manage, and secure privileged access, helping to reduce the risks associated with privileged accounts and activities.
0
Commercial
IAM
Privileged Access Management
Pam
Access Management
Compliance
Security Audit
Securden Unified PAM
A powerful tool that enables organizations to discover, manage, and secure privileged access, helping to reduce the risks associated with privileged accounts and activities.
0
Commercial
IAM
Privileged Access Management
Pam
Access Management
+2
gitGraber
Monitor GitHub for sensitive data
0
Free
Data Protection
Infosec
Security Audit
Data Protection
Sensitive Data
Github
Real Time Monitoring
gitGraber
Monitor GitHub for sensitive data
0
Free
Data Protection
Infosec
Security Audit
Data Protection
+3
liffier
A simple snippet to increment ../ on the URL.
0
Free
Miscellaneous
Vulnerability Detection
Web App Security
Security Audit
Penetration Testing
Vulnerability Assessment
liffier
A simple snippet to increment ../ on the URL.
0
Free
Miscellaneous
Vulnerability Detection
Web App Security
Security Audit
+2
s3viewer
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
0
Free
Cloud Security
Cloud Security
S3
Azure
Security Assessment
Cloud
Aws
Misconfiguration
Data Security
Security Audit
s3viewer
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
0
Free
Cloud Security
Cloud Security
S3
Azure
+6
s3tk
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
0
Free
Cloud Security
Aws
S3
Cloud Security
Aws Security
Security Scanning
Vulnerability Assessment
Security Audit
Cloud Audit
Data Security
Encryption
Policy
Access Control
Security Tool
s3tk
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
0
Free
Cloud Security
Aws
S3
Cloud Security
+10
s3_objects_check
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
0
Free
Cloud Security
Aws
S3
Cloud Security
Security Assessment
Aws Security
Cloud
Misconfiguration
Security Audit
Vulnerability Assessment
Cloud Compliance
s3_objects_check
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
0
Free
Cloud Security
Aws
S3
Cloud Security
+7
Talisman
Pre-commit hook for validating outgoing changeset
0
Free
Application Security
Security Audit
Code Security
Vulnerability Detection
Talisman
Pre-commit hook for validating outgoing changeset
0
Free
Application Security
Security Audit
Code Security
Vulnerability Detection
s3cario
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
0
Free
Cloud Security
Aws
S3
Cloud Security
Security Testing
Vulnerability Assessment
Aws Security
Cloud
Penetration Testing
Security Audit
s3cario
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
0
Free
Cloud Security
Aws
S3
Cloud Security
+6
Dorothy
Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.
0
Free
Threat Management
Security Audit
Attack Simulation
Mitre Attack
Detection Rules
Dorothy
Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.
0
Free
Threat Management
Security Audit
Attack Simulation
Mitre Attack
+1
EarlyBird
A sensitive data detection tool for scanning source code repositories
0
Free
Data Protection
Ci Cd
Security Audit
Vulnerability Detection
EarlyBird
A sensitive data detection tool for scanning source code repositories
0
Free
Data Protection
Ci Cd
Security Audit
Vulnerability Detection
Prowler
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
0
Free
Cloud Security
Cloud Security
Aws
Azure
Gcp
Kubernetes
Compliance
Security Audit
Open Source
Multi Cloud
Security Assessment
Prowler
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
0
Free
Cloud Security
Cloud Security
Aws
Azure
+7
Enumerate IAM Permissions
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
0
Free
IAM
Iam
Aws
Aws Security
Enumeration
Security Assessment
Privilege Escalation
Aws Iam
Penetration Testing
Security Audit
Reconnaissance
Enumerate IAM Permissions
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
0
Free
IAM
Iam
Aws
Aws Security
+7
Nikto
Web server scanner for identifying security vulnerabilities.
0
Free
Vulnerability Management
Web App Security
Web Server
Scanner
Vulnerability Detection
Security Audit
Nikto
Web server scanner for identifying security vulnerabilities.
0
Free
Vulnerability Management
Web App Security
Web Server
Scanner
+2
Linux Exploit Suggester (LES)
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
0
Free
Offensive Security
Privilege Escalation
Linux
Vulnerability Assessment
Penetration Testing
Exploit
Kernel
Cve
Security Audit
Pentesting
Offensive Security
Linux Exploit Suggester (LES)
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
0
Free
Offensive Security
Privilege Escalation
Linux
Vulnerability Assessment
+7
APKLeaks
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
0
Free
Application Security
Android
Mobile Security
Application Security
Apk
Static Analysis
Security Scanning
Command Line Tool
Vulnerability Assessment
Security Audit
Penetration Testing
APKLeaks
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
0
Free
Application Security
Android
Mobile Security
Application Security
+7
npm-scan
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
0
Free
Vulnerability Management
Npm
Vulnerability Scanning
Security Audit
Nodejs
npm-scan
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
0
Free
Vulnerability Management
Npm
Vulnerability Scanning
Security Audit
+1
Log Parser Lizard
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
0
Free
SIEM
Log Analysis
Sql
Gui
Log Parsing
Security Audit
Log Parser Lizard
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
0
Free
SIEM
Log Analysis
Sql
Gui
+2
Conmachi Container Scanner
A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.
0
Free
Cloud Security
Container Security
Containers
Docker
Security Scanning
Vulnerability Assessment
Golang
Security Analysis
Privilege Escalation
Security Audit
Devops
Conmachi Container Scanner
A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.
0
Free
Cloud Security
Container Security
Containers
Docker
+7
SharpAppLocker
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
0
Free
Endpoint Security
Csharp
Applocker
Windows
Endpoint Security
Policy
Security Assessment
Application Security
Windows Security
Powershell
Security Audit
SharpAppLocker
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
0
Free
Endpoint Security
Csharp
Applocker
Windows
+7
Bastille-Linux
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
0
Free
Miscellaneous
Appsec
Compliance
Configuration Management
Hardening
Security Audit
Security Hardening
Bastille-Linux
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
0
Free
Miscellaneous
Appsec
Compliance
Configuration Management
+3
AWS Scout2
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
0
Free
Cloud Security
Aws
Cloud Security
Security Assessment
Aws Security
Cloud
Security Audit
Configuration Management
Security Scanning
Vulnerability Assessment
Cloud Compliance
AWS Scout2
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
0
Free
Cloud Security
Aws
Cloud Security
Security Assessment
+7
Docker Bench for Security
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
0
Free
Vulnerability Management
Container Security
Docker
Docker Security
Security Assessment
Cis
Compliance
Security Audit
Automation
Open Source
Security Scanning
Docker Bench for Security
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
0
Free
Vulnerability Management
Container Security
Docker
Docker Security
+7
AttackSurfaceMapper
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
0
Free
Vulnerability Management
Attack Surface
Reconnaissance
Network Discovery
Vulnerability Assessment
Security Audit
AttackSurfaceMapper
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
0
Free
Vulnerability Management
Attack Surface
Reconnaissance
Network Discovery
+2
Azucar
Azucar is a multi-threaded plugin-based tool that performs read-only security assessments of Azure Cloud environments, analyzing various assets and configurations without modifying deployed resources.
0
Free
Cloud Security
Azure
Cloud Security
Security Assessment
Multi Threaded
Plugin
Active Directory
Security Audit
Rbac
Vulnerability Assessment
Cloud Compliance
Azucar
Azucar is a multi-threaded plugin-based tool that performs read-only security assessments of Azure Cloud environments, analyzing various assets and configurations without modifying deployed resources.
0
Free
Cloud Security
Azure
Cloud Security
Security Assessment
+7
Hunter
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
0
Free
Threat Management
Appsec
Automation
Cloud
Cloud Security
Compliance
Data Security
Email Security
Infosec
Security Audit
Hunter
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
0
Free
Threat Management
Appsec
Automation
Cloud
+6
CIS Benchmarks Audit
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
0
Free
GRC
Cis
Compliance
Security Audit
Python
Security Assessment
Security Hardening
Governance
Security Standards
Auditing
Cli Tool
CIS Benchmarks Audit
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
0
Free
GRC
Cis
Compliance
Security Audit
+7
Tracy
A tool for identifying potential security vulnerabilities in web applications
0
Free
Application Security
Web App Security
Vulnerability Detection
Code Analysis
Security Audit
Penetration Testing
Tracy
A tool for identifying potential security vulnerabilities in web applications
0
Free
Application Security
Web App Security
Vulnerability Detection
Code Analysis
+2
bundler-audit
Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.
0
Free
Vulnerability Management
Ruby
Vulnerability Scanning
Security Audit
bundler-audit
Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.
0
Free
Vulnerability Management
Ruby
Vulnerability Scanning
Security Audit
LambdaGuard
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
0
Free
Cloud Security
Aws
Lambda
Serverless
Cloud Security
Security Audit
Configuration Management
Aws Security
Auditing
Security Assessment
Cloud Compliance
LambdaGuard
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
0
Free
Cloud Security
Aws
Lambda
Serverless
+7
second-order
Second-order subdomain takeover scanner
0
Free
Digital Forensics
Subdomain Takeover
Vulnerability Scanning
Security Audit
Security Scanning
second-order
Second-order subdomain takeover scanner
0
Free
Digital Forensics
Subdomain Takeover
Vulnerability Scanning
Security Audit
+1
npq
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
0
Free
Application Security
Npm
Yarn
Package Management
Security Audit
Vulnerability Scanning
Package Audit
npq
A tool that safely installs packages with npm/yarn by auditing them as part of your install process.
0
Free
Application Security
Npm
Yarn
Package Management
+3
drydock
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
0
Free
Cloud Security
Docker
Container Security
Security Audit
Python
Cis
Docker Security
Auditing
Compliance
Security Assessment
Json
drydock
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
0
Free
Cloud Security
Docker
Container Security
Security Audit
+7
SecretScanner
SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.
0
Free
Security Operations
Secret Detection
Container Security
Filesystem
Security Scanning
Devsecops
Aws Secrets
Security Audit
Vulnerability Detection
Static Analysis
SecretScanner
SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.
0
Free
Security Operations
Secret Detection
Container Security
Filesystem
+6
Cloud Security Suite (cs-suite)
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
0
Free
Cloud Security
Cloud Security
Security Audit
Multi Cloud
Aws
Gcp
Azure
Command Line Tool
Security Assessment
Automation
Auditing
Cloud Security Suite (cs-suite)
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
0
Free
Cloud Security
Cloud Security
Security Audit
Multi Cloud
+7
CRT sh
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
0
Free
Vulnerability Management
Ssl
Tls
Certificate
Cryptography
Security Audit
CRT sh
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
0
Free
Vulnerability Management
Ssl
Tls
Certificate
+2
Perimeterator
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
0
Free
Attack Surface Management
Aws
Aws Security
Cloud Security
Attack Surface
Scanning
Network Security
Automation
Terraform
Vulnerability Assessment
Security Audit
Perimeterator
A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.
0
Free
Attack Surface Management
Aws
Aws Security
Cloud Security
+7
Websecurify
Websecurify provides efficient ways to protect organizations with sophisticated technology and expert consultancy.
0
Free
Application Security
Appsec
Security Audit
Websecurify
Websecurify provides efficient ways to protect organizations with sophisticated technology and expert consultancy.
0
Free
Application Security
Appsec
Security Audit
httpry
A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.
0
Free
Network Security
Network Security
Log Analysis
Network Monitoring
Security Audit
httpry
A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.
0
Free
Network Security
Network Security
Log Analysis
Network Monitoring
+1
LUNAR Lockdown UNix Auditing and Reporting
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
0
Free
Security Operations
Security Audit
Unix
Linux
Cis
Compliance
Security Hardening
Shell Script
Security Assessment
Auditing
Security Configuration
LUNAR Lockdown UNix Auditing and Reporting
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
0
Free
Security Operations
Security Audit
Unix
Linux
+7
Seatbelt
Comprehensive host-survey tool for security checks in C#.
0
Free
Offensive Security
Csharp
Security Audit
Offensive Security
Seatbelt
Comprehensive host-survey tool for security checks in C#.
0
Free
Offensive Security
Csharp
Security Audit
Offensive Security
ssh-audit by jtesta
ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.
0
Free
Network Security
Ssh
Network Security
Security Audit
Configuration Management
Python
Cli Tool
Security Assessment
Network Administration
Security Scanning
Open Source
ssh-audit by jtesta
ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.
0
Free
Network Security
Ssh
Network Security
Security Audit
+7
CloudMapper
CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.
0
Free
Cloud Security
Aws
Cloud Security
Security Audit
Aws Security
Iam
Security Assessment
Cloud Compliance
Vulnerability Assessment
Asset Inventory
Network Security
Security Configuration
CloudMapper
CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.
0
Free
Cloud Security
Aws
Cloud Security
Security Audit
+8
Active Directory Security
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
0
Free
IAM
Appsec
Attack Paths
Blue Team
Powershell
Security Audit
Active Directory Security
A comprehensive resource for securing Active Directory, including attack methods and effective defenses.
0
Free
IAM
Appsec
Attack Paths
Blue Team
+2
git-all-secrets
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
0
Free
Application Security
Git
Secret Detection
Security Audit
Compliance
Automation
Source Code Analysis
Appsec
Security Scanning
Open Source
Devsecops
git-all-secrets
A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.
0
Free
Application Security
Git
Secret Detection
Security Audit
+7
Sherlock PowerShell Script
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
0
Free
Vulnerability Management
Patch Management
Vulnerability Scanning
Powershell
Security Audit
Sherlock PowerShell Script
Powerful PowerShell script for identifying missing software patches for local privilege escalation vulnerabilities.
0
Free
Vulnerability Management
Patch Management
Vulnerability Scanning
Powershell
+1
Otseca
Open source security auditing tool to search and dump system configuration.
0
Free
Vulnerability Management
Penetration Testing
Security Audit
System Administration
Security Research
Otseca
Open source security auditing tool to search and dump system configuration.
0
Free
Vulnerability Management
Penetration Testing
Security Audit
System Administration
+1
Altoro Mutual Online Banking
Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.
0
Free
Specialized Security
Compliance
Data Protection
Security
Security Audit
Altoro Mutual Online Banking
Altoro Mutual offers online banking, real estate financing, business credit cards, retirement solutions, and prioritizes privacy and security.
0
Free
Specialized Security
Compliance
Data Protection
Security
+1
MicroBurst
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
0
Free
Offensive Security
Powershell
Azure
Penetration Testing
Cloud Security
Offensive Security
Post Exploitation
Security Audit
Cloud
Pentesting
Toolkit
MicroBurst
A PowerShell toolkit for penetration testing Microsoft Azure environments, providing discovery, configuration auditing, and post-exploitation capabilities.
0
Free
Offensive Security
Powershell
Azure
Penetration Testing
+7
IntelligenceX
Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.
0
Free
Threat Management
Vulnerability Assessment
Vulnerability Scanning
Compliance
Security Audit
Vulnerability Detection
IntelligenceX
Nessus efficiently scans for system vulnerabilities, misconfigurations, and compliance issues.
0
Free
Threat Management
Vulnerability Assessment
Vulnerability Scanning
Compliance
+2
AWS CloudTrail
Track user activity and API usage on AWS and in hybrid and multicloud environments.
0
Free
SIEM
Aws
Cloud Security
Cloudtrail
Cloudwatch
Compliance
Logging
Security Audit
AWS CloudTrail
Track user activity and API usage on AWS and in hybrid and multicloud environments.
0
Free
SIEM
Aws
Cloud Security
Cloudtrail
+4
CSP Auditor
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
0
Free
Application Security
Csp
Content Security Policy
Security Audit
CSP Auditor
A plugin for viewing, detecting weak configurations, and generating Content Security Policy headers.
0
Free
Application Security
Csp
Content Security Policy
Security Audit
Alert(1) to Win
A free online tool that scans and fixes common security issues in WordPress websites.
0
Free
Application Security
Wordpress
Security Audit
Vulnerability Scanning
Web App Security
Security Testing
Compliance
Alert(1) to Win
A free online tool that scans and fixes common security issues in WordPress websites.
0
Free
Application Security
Wordpress
Security Audit
Vulnerability Scanning
+3
AWS Recon
A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.
0
Free
Cloud Security
Aws
Cloud Security
Inventory
Ruby
Security Assessment
Multi Threaded
Automation
Aws Security
Asset Inventory
Cloud
Security Audit
Configuration Management
Api
Json
Cli Tool
AWS Recon
A multi-threaded Ruby tool for comprehensive AWS security inventory collection that gathers detailed resource attributes, metadata, and policy information across AWS environments.
0
Free
Cloud Security
Aws
Cloud Security
Inventory
+12
Spoofcheck
Simple script to check a domain's email protections and identify vulnerabilities.
0
Free
Vulnerability Management
Email Security
Vulnerability Scanning
Security Testing
Penetration Testing
Security Audit
Spoofcheck
Simple script to check a domain's email protections and identify vulnerabilities.
0
Free
Vulnerability Management
Email Security
Vulnerability Scanning
Security Testing
+2
Docker's Actuary
Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.
0
Free
Cloud Security
Docker
Container Security
Security Assessment
Docker Security
Automation
Best Practices
Security Audit
Containerization
Devops
Security Scanning
Docker's Actuary
Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.
0
Free
Cloud Security
Docker
Container Security
Security Assessment
+7
Cloudsplaining
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
0
Free
IAM
Iam
Aws
Aws Security
Security Assessment
Least Privilege
Compliance
Risk Assessment
Security Audit
Cloud Security
Privilege Escalation
Cloudsplaining
An AWS IAM security assessment tool that identifies least privilege violations and generates risk-prioritized reports for IAM policy remediation.
0
Free
IAM
Iam
Aws
Aws Security
+7
rpCheckup
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
0
Free
Cloud Security
Aws
Cloud Security
Aws Security
Security Audit
Policy
Compliance
Security Assessment
Cloud Compliance
Security Analysis
Reporting
rpCheckup
rpCheckup is an AWS resource policy security analysis tool that identifies public, external, intra-organizational, and private resource access patterns across AWS accounts.
0
Free
Cloud Security
Aws
Cloud Security
Aws Security
+7
kube-bench
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
0
Free
Cloud Security
Kubernetes
Kubernetes Security
Security Assessment
Compliance
Cis
Cloud Security
Container Security
Security Audit
Configuration Management
Security Scanning
kube-bench
Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.
0
Free
Cloud Security
Kubernetes
Kubernetes Security
Security Assessment
+7
aws-lint-iam-policies
A command-line tool that performs automated IAM policy security linting across AWS accounts and organizations using AWS Access Analyzer validation.
0
Free
Cloud Security
Aws
Iam
Cloud Security
Policy
Security Audit
Aws Security
Compliance
Security Assessment
Automation
Cli
aws-lint-iam-policies
A command-line tool that performs automated IAM policy security linting across AWS accounts and organizations using AWS Access Analyzer validation.
0
Free
Cloud Security
Aws
Iam
Cloud Security
+7
CloudTracker
CloudTracker analyzes CloudTrail logs against IAM policies to identify over-privileged AWS users and roles by comparing actual permission usage with granted permissions.
0
Free
IAM
Iam
Aws
Aws Security
Least Privilege
Cloudtrail
Identity And Access Management
Security Audit
Privilege Escalation
Aws Cli
Python
CloudTracker
CloudTracker analyzes CloudTrail logs against IAM policies to identify over-privileged AWS users and roles by comparing actual permission usage with granted permissions.
0
Free
IAM
Iam
Aws
Aws Security
+7
Zeus AWS Auditing & Hardening Tool
Zeus is an AWS security auditing and hardening tool that evaluates cloud configurations against CIS benchmarks and can automatically apply recommended security settings.
0
Free
Cloud Security
Aws
Cloud Security
Security Audit
Compliance
Cis
Iam
Security Hardening
Aws Security
Cloudtrail
Cloudwatch
S3
Ec2
Kms
Security Assessment
Automation
Zeus AWS Auditing & Hardening Tool
Zeus is an AWS security auditing and hardening tool that evaluates cloud configurations against CIS benchmarks and can automatically apply recommended security settings.
0
Free
Cloud Security
Aws
Cloud Security
Security Audit
+12
Scout Suite
Scout Suite is an open source multi-cloud security auditing tool that gathers configuration data via cloud provider APIs to identify risks and provide visibility into cloud attack surfaces.
0
Free
Cloud Security
Cloud Security
Multi Cloud
Security Audit
Aws
Azure
Gcp
Kubernetes
Api
Open Source
Compliance
Scout Suite
Scout Suite is an open source multi-cloud security auditing tool that gathers configuration data via cloud provider APIs to identify risks and provide visibility into cloud attack surfaces.
0
Free
Cloud Security
Cloud Security
Multi Cloud
Security Audit
+7

1
2
3
Next