souvenir
Tag cloud
Picture wall
Daily
RSS Feed
  • RSS Feed
  • Daily Feed
Filters

Links per page

  • 20 links
  • 50 links
  • 100 links

Filters

Untagged links
13 results tagged scan  ✕   ✕
Grype https://github.com/anchore/grype
12/04/2022 cluster icon
  • Rancher : Rancher is open source software that makes it simple for organizations to deploy a private container service and deliver Docker orchestration to users...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • container-diff : container-diff is a tool for analyzing and comparing container images. container-diff can examine images along several different criteria, including: ...
  • Telepresence : Telepresence, in conjunction with a containerized development environment, gives the developer a fast development workflow in developing a multi-conta...
  • Drone : Drone is an open source Continuous Delivery platform that automates your testing and release workflows. It is built on container technology. Every bui...
thumbnail

A vulnerability scanner for container images and filesystems.

docker container security scan
OpenVAS https://www.openvas.org/
29/04/2020 cluster icon
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Lynis : Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your ...
  • Gitleaks : Gitleaks is an open-source SAST (static application security testing) command line tool for detecting and preventing hardcoded secrets like passwords,...

OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low level Internet and industrial protocols, performance tuning for large-scale scans and a powerful internal programming language to implement any type of vulnerability test.

security scan test tool
SpiderFoot https://www.spiderfoot.net/
11/02/2020 cluster icon
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • Observatory : Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and se...
thumbnail

With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (OSINT) about IP addresses, domain names, e-mail addresses, usernames, names, subnets and ASNs from many sources such as AlienVault, HaveIBeenPwned, SecurityTrails, SHODAN and more.

security osint scan tool
ApplicationInspector https://github.com/microsoft/ApplicationInspector
29/01/2020 cluster icon
  • semgrep : semgrep is a tool for easily detecting and preventing bugs and anti-patterns in your codebase. It combines the convenience of grep with the correctnes...
  • tickgit : tickgit is a tool to help you manage tickets, todo items, and checklists within a codebase. Use the tickgit command to view pending tasks, progress re...
  • Black : By using Black, you agree to cede control over minutiae of hand-formatting. In return, Black gives you speed, determinism, and freedom from pycodestyl...
  • SonarQube : SonarQube is an open source platform for continuous inspection of code quality.
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
thumbnail

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'what's in it' using static analysis with a json based rules engine. Ideal for scanning components before use or detecting feature level changes.

staticanalysis code scan
REDbot https://redbot.org/
07/12/2019 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • patchbay : patchbay.pub is a free web service you can use to implement things like static site hosting, file sharing, cross-platform notifications, webhooks hand...
  • Hoppscotch : A free, online, open source API request builder
  • MindMeister : MindMeister is an online mind mapping tool that lets you capture, develop and share ideas visually.
  • Requestdiff : Differentiate HTTP headers and content body of two GET URLs.
thumbnail

REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how they'll behave, pointing out common problems and suggesting improvements. Although it is not a HTTP conformance tester, it can find a number of HTTP-related issues.

tool http scan service cache
Wappalyzer https://www.wappalyzer.com/
07/12/2019 cluster icon
  • WebPagetest : Run a free website speed test from multiple locations around the globe using real browsers (IE and Chrome) and at real consumer connection speeds. You...
  • TrackingTheTrackers.com : A free analysis tool to check if a website is disguising third-party trackers as first-party trackers.
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...
  • xip.io : xip.io is a magic domain name that provides wildcard DNS for any IP address.

Wappalyzer is a cross-platform utility that uncovers the technologies used on websites. It detects content management systems, ecommerce platforms, web frameworks, server software, analytics tools and many more.

website scan service
OpenSCAP https://www.open-scap.org/
03/10/2018 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • Grype : A vulnerability scanner for container images and filesystems.

The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselines. We maintain great flexibility and interoperability, reducing the costs of performing security audits.

security tool scan
Open Paperless https://github.com/zhoubear/open-paperless
29/12/2017 cluster icon
  • MediaGoblin : MediaGoblin is a free software media publishing platform that anyone can run. You can think of it as a decentralized alternative to Flickr, YouTube, S...
  • Alembic : Alembic is a new database migrations tool, written by the author of SQLAlchemy.
  • pydantic : Data validation and settings management using python type annotations.
  • Roll : Roll is a pico framework with performances and aesthetic in mind.
  • uv : An extremely fast Python package and project manager, written in Rust. A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twine, virtualenv...
thumbnail

Scan, index, and archive all of your paper documents. Open Paperless is a re-think of the user interface and user experience for Mayan EDMS. The goal is to reduce the complexity and make it more suitable for home users.

python document management scan archive freesoftware
Observatory https://observatory.mozilla.org/
01/09/2016 cluster icon
  • Security Headers : I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites we...
  • Everything you need to know about HTTP security headers : This article explains what secure headers are and how to implement these headers in Rails, Django, Express.js, Go, Nginx, and Apache.
  • Gixy : Gixy is a tool to analyze Nginx configuration. The main goal of Gixy is to prevent security misconfiguration and automate flaw detection.
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
  • REDbot : REDbot is lint for HTTP resources; it tests protocol correctness, cacheability, content negotiation and more. REDbot checks HTTP resources to see how ...

Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and securely.

http security scan configuration
Security Headers https://securityheaders.com/
02/05/2016 cluster icon
  • Observatory : Observatory by Mozilla is a project designed to help developers, system administrators, and security professionals configure their sites safely and se...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • Report URI : Report URI was founded to take the pain out of monitoring security policies like CSP and HPKP. When you can easily monitor what's happening on your si...
  • HTTP Security Report : Get an instant report of how your website measures up to the best practices. Check connection encryption, content security, information disclosure and...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
thumbnail

I built securityheaders.io after deploying security headers like CSP and HSTS to my own site. I wanted a quick and easy way to check if other sites were using these headers and I figured I'd turn it into a useful tool for everyone to use!
There are services out there that will analyse the HTTP response headers of other sites but I also wanted to add a rating system to the results. The HTTP response headers that this site analayses provide huge levels of protection and it's important that sites deploy them. Hopefully, by providing an easy mechanism to assess them, and further information on how to deploy missing headers, we can drive up the usage of security based headers across the web.

http security test scan service
WhatWeb http://www.morningstarsecurity.com/research/whatweb
17/04/2016 cluster icon
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • OpenVAS : OpenVAS is a full-featured vulnerability scanner. Its capabilities include unauthenticated testing, authenticated testing, various high level and low ...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
thumbnail

WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content management systems (CMS), blogging platforms, statistic/analytics packages, JavaScript libraries, web servers, and embedded devices. WhatWeb has over 900 plugins, each to recognise something different. WhatWeb also identifies version numbers, email addresses, account IDs, web framework modules, SQL errors, and more.

web scan tool analysis security
Zed Attack Proxy https://www.owasp.org/index.php/OWASP_Zed_Attack_Proxy_Project
04/08/2014 cluster icon
  • WhatWeb : WhatWeb identifies websites. Its goal is to answer the question, “What is that Website?”. WhatWeb recognises web technologies including content manage...
  • Wapiti : Wapiti allows you to audit the security of your web applications. It performs "black-box" scans, i.e. it does not study the source code of the applica...
  • BounCA : BounCA is a tool to manage your personal SSL certificates and authorities in a central and easy to use interfaces. It provides an easy accessible web ...
  • SpiderFoot : With almost 200 modules and growing, SpiderFoot provides an easy-to-use interface that enables you to automatically collect Open Source Intelligence (...
  • OpenSCAP : The OpenSCAP ecosystem provides multiple tools to assist administrators and auditors with assessment, measurement, and enforcement of security baselin...
thumbnail

The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications.

It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing.

ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.

web security proxy scan tool
Wapiti http://wapiti.sourceforge.net
18/06/2011 cluster icon
  • Nikto2 : Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 6500 potent...
  • Zed Attack Proxy : The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be...
  • Burp Suite : Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the en...
  • webhint : webhint is a linting tool that will help you with your site's accessibility, speed, security and more, by checking your code for best practices and co...
  • Sitespeed.io : Sitespeed.io is an open source tool that helps you analyze and optimize your website speed and performance based on performance best practices. It col...

Wapiti allows you to audit the security of your web applications.

It performs "black-box" scans, i.e. it does not study the source code of the application but will scans the webpages of the deployed webapp, looking for scripts and forms where it can inject data.

Once it gets this list, Wapiti acts like a fuzzer, injecting payloads to see if a script is vulnerable.

web security software test scan
1636 links
Shaarli - The personal, minimalist, super-fast, database free, bookmarking service by the Shaarli community - Theme by kalvn