Security Audit
Browse 228 security audit tools
FEATURED
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
A storage exploration tool that provides unified access to view publicly accessible Amazon S3 buckets, Azure Blob storage, FTP servers, and HTTP directory listings.
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
A security toolkit for Amazon S3 that provides bucket scanning, policy validation, ACL management, and encryption features to identify and remediate S3 security vulnerabilities.
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
A security tool that performs whitebox evaluation of S3 object permissions to identify publicly accessible files and generate reports on potential exposure risks.
Pre-commit hook for validating outgoing changeset
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
S3cario is an AWS S3 bucket security testing tool that validates permissions and identifies potential vulnerabilities through scenario simulation.
Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.
Dorothy is a tool to test monitoring and detection capabilities for Okta environments, with modules mapped to MITRE ATT&CK® tactics.
A sensitive data detection tool for scanning source code repositories
A sensitive data detection tool for scanning source code repositories
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
Prowler is an open source multi-cloud security assessment tool that performs audits, compliance checks, and security evaluations across AWS, Azure, GCP, and Kubernetes environments.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
A security assessment tool that identifies AWS IAM permissions by systematically testing API calls to determine the actual scope of access granted to specific credentials.
Web server scanner for identifying security vulnerabilities.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
APKLeaks is a command-line tool that scans Android APK files to identify embedded URIs, endpoints, and secrets for security assessment purposes.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
An extensible, heuristic-based vulnerability scanning tool for installed npm packages.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
A dynamic GUI for advanced log analysis, allowing users to execute SQL queries on structured log data.
A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.
A Golang-based container security scanner that identifies potential vulnerabilities and misconfigurations in container environments by checking namespacing, capabilities, security profiles, and host device mounts.
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.
Azucar is a multi-threaded plugin-based tool that performs read-only security assessments of Azure Cloud environments, analyzing various assets and configurations without modifying deployed resources.
Azucar is a multi-threaded plugin-based tool that performs read-only security assessments of Azure Cloud environments, analyzing various assets and configurations without modifying deployed resources.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
