souvenir
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
13 results tagged scan  ✕   ✕
Grype https://github.com/anchore/grype
12/04/2022 cluster icon
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Telepresence : Telepresence, in conjunction with a containerized development environment, gives the developer a fast development workflow in developing a multi-conta...
  • Watchtower : A container-based solution for automating Docker container base image updates.
  • Hadolint : A smarter Dockerfile linter that helps you build best practice Docker images. The linter is parsing the Dockerfile into an AST and performs rules on t...
  • Rancher : Rancher is open source software that makes it simple for organizations to deploy a private container service and deliver Docker orchestration to users...
thumbnail

A vulnerability scanner for container images and filesystems.

docker container security scan
OpenVAS https://www.openvas.org/
29/04/2020 cluster icon
  • Bandit : Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs approp...
  • sqlmap : sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of databa...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

security scan test tool
SpiderFoot https://www.spiderfoot.net/
11/02/2020 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • Grype : A vulnerability scanner for container images and filesystems.
thumbnail

With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (OSINT) about IP addresses, domain names, e-mail addresses, usernames, names, subnets and ASNs from many sources such as AlienVault, HaveIBeenPwned, SecurityTrails, SHODAN and more.

security osint scan tool
ApplicationInspector https://github.com/microsoft/ApplicationInspector
29/01/2020 cluster icon
  • Black : By using Black, you agree to cede control over minutiae of hand-formatting. In return, Black gives you speed, determinism, and freedom from pycodestyl...
  • SonarQube : SonarQube is an open source platform for continuous inspection of code quality.
  • semgrep : semgrep is a tool for easily detecting and preventing bugs and anti-patterns in your codebase. It combines the convenience of grep with the correctnes...
  • tickgit : tickgit is a tool to help you manage tickets, todo items, and checklists within a codebase. Use the tickgit command to view pending tasks, progress re...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
thumbnail

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

staticanalysis code scan
REDbot https://redbot.org/
07/12/2019 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • Observatory : Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and se...
  • Hoppscotch : A free, online, open source API request builder
  • GoReplay : GoReplay is an open-source tool for capturing and replaying live HTTP traffic into a test environment in order to continuously test your system with r...
  • httpbin : Testing an HTTP Library can become difficult sometimes. PostBin.org is fantastic for testing POST requests, but not much else. This exists to cover al...
thumbnail

REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how they'll behave, pointing out common problems and suggesting improvements. Although it is not a HTTP conformance tester, it can find a number of HTTP-related issues.

tool http scan service cache
Wappalyzer https://www.wappalyzer.com/
07/12/2019 cluster icon
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
  • WebPagetest : Run a free website speed test from multiple locations around the globe using real browsers (IE and Chrome) and at real consumer connection speeds. You...
  • TrackingTheTrackers.com : A free analysis tool to check if a website is disguising third-party trackers as first-party trackers.
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • ApplicationInspector : A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis ...

Wappalyzer is a cross-platform utility that uncovers the technologies used on websites. It detects content management systems, ecommerce platforms, web frameworks, server software, analytics tools and many more.

website scan service
OpenSCAP https://www.open-scap.org/
03/10/2018 cluster icon
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • Infection Monkey : The Infection Monkey is an open source security tool for testing a data center's resiliency to perimeter breaches and internal server infection. The M...

The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. We maintain great flexibility and interoperability, reducing the costs of performing security audits.

security tool scan
Open Paperless https://github.com/zhoubear/open-paperless
29/12/2017 cluster icon
  • MediaGoblin : MediaGoblin is a free software media publishing platform that anyone can run. You can think of it as a decentralized alternative to Flickr, YouTube, S...
  • FireLogger : A sexy server logger console in Firebug
  • Robomongo : Shell-centric cross-platform MongoDB management tool (MongoDB Admin UI)
  • CouchDB : Apache CouchDB™ is a database that uses JSON for documents, JavaScript for MapReduce indexes, and regular HTTP for its API
  • Framasoft : Un réseau dédié à la promotion du « libre » en général et du logiciel libre en particulier. De nombreux services et projets innovants mis librement à ...
thumbnail

Scan, index, and archive all of your paper documents. Open Paperless is a re-think of the user interface and user experience for Mayan EDMS. The goal is to reduce the complexity and make it more suitable for home users.

python document management scan archive freesoftware
Observatory https://observatory.mozilla.org/
01/09/2016 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
  • Everything you need to know about HTTP security headers : This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, and Apache.
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...

Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely.

http security scan configuration
Security Headers https://securityheaders.com/
02/05/2016 cluster icon
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • Mockbin : Mockbin allows you to generate custom endpoints to test, mock, and track HTTP requests & responses between libraries, sockets and APIs.
  • Observatory : Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and se...
thumbnail

I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites were using these headers and I figured I'd turn it into a useful tool for everyone to use!
There are services out there that will analyse the HTTP response headers of other sites but I also wanted to add a rating system to the results. The HTTP response headers that this site analayses provide huge levels of protection and it's important that sites deploy them. Hopefully, by providing an easy mechanism to assess them, and further information on how to deploy missing headers, we can drive up the usage of security based headers across the web.

http security test scan service
WhatWeb http://www.morningstarsecurity.com/research/whatweb
17/04/2016 cluster icon
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
thumbnail

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 900 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

web scan tool analysis security
Zed Attack Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
04/08/2014 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
thumbnail

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

web security proxy scan tool
Wapiti http://wapiti.sourceforge.net
18/06/2011 cluster icon
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • WebScarab : WebScarab is a framework for analysing applications that communicate using the HTTP and HTTPS protocols.
  • Burp Suite : Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the en...
  • BeEF : The Browser Exploitation Framework (BeEF) is a powerful professional security tool. BeEF is pioneering techniques that provide the experienced penetra...
  • Skipfish : Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursi...

Wapiti allows you to audit the security of your web applications.

It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

web security software test scan
1573 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn