Security Scanning

cfn-nag is a static analysis tool that scans AWS CloudFormation templates to identify security vulnerabilities and misconfigurations in infrastructure-as-code.

Second-order subdomain takeover scanner

A dependency security analysis tool that identifies potential risks in project dependencies including unsafe lock files, installation scripts, obfuscated code, and dangerous shell commands.

AndroBugs Framework is an Android vulnerability analysis system that scans mobile applications for security vulnerabilities, missing best practices, and dangerous shell commands.

GuardDog is a CLI tool that identifies malicious PyPI and npm packages using heuristics-based analysis of source code and metadata.

A Node.js tool that analyzes HTTP security headers on websites to identify missing or problematic security configurations.

SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.

A GitHub action that lints AWS IAM policy documents to identify security issues and misconfigurations with configurable severity levels and custom rules.

ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.

A Docker security analysis tool that scans containers and networks to identify vulnerabilities and security weaknesses in Docker environments.

A tool that combines multiple open source Git scanning utilities to detect and list secrets stored in Git repositories for security audits and compliance checks.

FestIn discovers open S3 buckets associated with a domain using crawling and DNS reconnaissance techniques.

w3af is an open source web application security scanner that identifies over 200 types of vulnerabilities including XSS, SQL injection, and OS commanding in web applications.

SkyArk is a cloud security scanning tool that identifies privileged entities in AWS and Azure environments to help mitigate Cloud Shadow Admin threats.

CloudFrunt identifies misconfigured Amazon CloudFront domains that are vulnerable to hijacking due to improper CNAME configuration.

A collection of Yara rules for the Burp Yara-Scanner extension that helps identify malicious software and infected web pages during web application security assessments.

An open-source tool that automates the detection and analysis of DLL hijacking vulnerabilities in Windows applications, providing detailed reports and remediation guidance.

A command-line Android APK vulnerability analyzer written in Rust that decompresses and scans APK files using rule-based detection to identify security issues.

A secrets detection tool that scans GitHub, GitLab, and Bitbucket repositories to identify API keys, access tokens, and other sensitive information in source code.

ASH is an automated security scanning tool that integrates multiple open-source security scanners to perform preliminary security checks on code, infrastructure, and IAM configurations during development.

tfsec is being replaced by Trivy, a more comprehensive open-source security solution

Clair is an open source static analysis tool that scans application containers for known vulnerabilities through API-based image indexing and matching.

Docker's Actuary is an automated security assessment tool that checks Docker container deployments against configurable best-practice checklists to ensure production readiness.

Kube-bench is a security assessment tool that validates Kubernetes deployments against CIS Kubernetes Benchmark standards through automated configuration checks.