souvenir
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
13 results tagged scan  ✕   ✕
Grype https://github.com/anchore/grype
12/04/2022 cluster icon
  • Kubernetes Best Practices : Best Practices for kubernetes
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Rancher : Rancher is open source software that makes it simple for organizations to deploy a private container service and deliver Docker orchestration to users...
  • OpenShift Origin : Origin is the upstream community project that powers OpenShift. Built around a core of Docker container packaging and Kubernetes container cluster man...
  • Testcontainers : Testcontainers is an open source library for providing throwaway, lightweight instances of databases, message brokers, web browsers, or just about any...
thumbnail

A vulnerability scanner for container images and filesystems.

docker container security scan
OpenVAS https://www.openvas.org/
29/04/2020 cluster icon
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

security scan test tool
SpiderFoot https://www.spiderfoot.net/
11/02/2020 cluster icon
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Infection Monkey : The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The M...
thumbnail

With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (OSINT) about IP addresses, domain names, e-mail addresses, usernames, names, subnets and ASNs from many sources such as AlienVault, HaveIBeenPwned, SecurityTrails, SHODAN and more.

security osint scan tool
ApplicationInspector https://github.com/microsoft/ApplicationInspector
29/01/2020 cluster icon
  • semgrep : semgrep is a tool for easily detecting and preventing bugs and anti-patterns in your codebase. It combines the convenience of grep with the correctnes...
  • Black : By using Black, you agree to cede control over minutiae of hand-formatting. In return, Black gives you speed, determinism, and freedom from pycodestyl...
  • tickgit : tickgit is a tool to help you manage tickets, todo items, and checklists within a codebase. Use the tickgit command to view pending tasks, progress re...
  • SonarQube : SonarQube is an open source platform for continuous inspection of code quality.
  • Coding Dojo : This page is intended as a list of Kata exercises that people have tried at their Dojo meetings, which links to more detailed descriptions of each Kat...
thumbnail

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

staticanalysis code scan
REDbot https://redbot.org/
07/12/2019 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • Mockbin : Mockbin allows you to generate custom endpoints to test, mock, and track HTTP requests & responses between libraries, sockets and APIs.
  • wuzz : Interactive cli tool for HTTP inspection Wuzz command line arguments are similar to cURL's arguments, so it can be used to inspect/modify requests cop...
  • Siege : Siege is an http load testing and benchmarking utility. It was designed to let web developers measure their code under duress, to see how it will stan...
  • Hoppscotch : A free, online, open source API request builder
thumbnail

REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how they'll behave, pointing out common problems and suggesting improvements. Although it is not a HTTP conformance tester, it can find a number of HTTP-related issues.

tool http scan service cache
Wappalyzer https://www.wappalyzer.com/
07/12/2019 cluster icon
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
  • WebPagetest : Run a free website speed test from multiple locations around the globe using real browsers (IE and Chrome) and at real consumer connection speeds. You...
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • TrackingTheTrackers.com : A free analysis tool to check if a website is disguising third-party trackers as first-party trackers.
  • mmmmail! : mmmmail! is a completely ANONYMOUS and FREE disposable Email to RSS service. This means you can choose any email address in the mmmmail.com domain and...

Wappalyzer is a cross-platform utility that uncovers the technologies used on websites. It detects content management systems, ecommerce platforms, web frameworks, server software, analytics tools and many more.

website scan service
OpenSCAP https://www.open-scap.org/
03/10/2018 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.

The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. We maintain great flexibility and interoperability, reducing the costs of performing security audits.

security tool scan
Open Paperless https://github.com/zhoubear/open-paperless
29/12/2017 cluster icon
  • MediaGoblin : MediaGoblin is a free software media publishing platform that anyone can run. You can think of it as a decentralized alternative to Flickr, YouTube, S...
  • Robomongo : Shell-centric cross-platform MongoDB management tool (MongoDB Admin UI)
  • librehosters : librehosters is a network of cooperation and solidarity that uses free software to encourage decentralisation through federation and distributed platf...
  • docopt : Command-line interface description language. docopt helps you define interface for your command-line app, and automatically generate parser for it.
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
thumbnail

Scan, index, and archive all of your paper documents. Open Paperless is a re-think of the user interface and user experience for Mayan EDMS. The goal is to reduce the complexity and make it more suitable for home users.

python document management scan archive freesoftware
Observatory https://observatory.mozilla.org/
01/09/2016 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • Grype : A vulnerability scanner for container images and filesystems.
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • HTTP Security Report : Get an instant report of how your website measures up to the best practices. Check connection encryption, content security, information disclosure and...

Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely.

http security scan configuration
Security Headers https://securityheaders.com/
02/05/2016 cluster icon
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Observatory : Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and se...
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
  • HTTP Security Report : Get an instant report of how your website measures up to the best practices. Check connection encryption, content security, information disclosure and...
  • mitmproxy : mitmproxy is your swiss-army knife for debugging, testing, privacy measurements, and penetration testing. It can be used to intercept, inspect, modify...
thumbnail

I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites were using these headers and I figured I'd turn it into a useful tool for everyone to use!
There are services out there that will analyse the HTTP response headers of other sites but I also wanted to add a rating system to the results. The HTTP response headers that this site analayses provide huge levels of protection and it's important that sites deploy them. Hopefully, by providing an easy mechanism to assess them, and further information on how to deploy missing headers, we can drive up the usage of security based headers across the web.

http security test scan service
WhatWeb http://www.morningstarsecurity.com/research/whatweb
17/04/2016 cluster icon
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
thumbnail

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 900 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

web scan tool analysis security
Zed Attack Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
04/08/2014 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
thumbnail

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

web security proxy scan tool
Wapiti http://wapiti.sourceforge.net
18/06/2011 cluster icon
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • DVWA - Damn Vulnerable Web Application : Damn Vulnerable Web App (DVWA) is a PHP/MySQL web application that is damn vulnerable. Its main goals are to be an aid for security professionals to t...
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • vicnum : A flexible web app showing vulnerabilities such as cross site scripting, sql injections, and session management issues. Helpful to IT auditors honing ...

Wapiti allows you to audit the security of your web applications.

It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

web security software test scan
1634 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn