Search Results for "modules"
Sort By:
Showing 135 open source projects for "modules"
View related business solutions-
Data management solutions for confident marketingVerify, deduplicate, manipulate, and assign records automatically to keep your CRM data accurate, complete, and ready for business.
-
Comet Backup - Fast, Secure Backup Software for MSPsComet is a flexible backup platform, giving you total control over your backup environment and storage destinations.
-
1
KubeArmor
Runtime Security Enforcement System
KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor is a runtime Kubernetes security engine. It uses eBPF and Linux Security Modules(LSM) for fortifying workloads based on Cloud Containers, IoT/Edge, and 5G networks. It enforces policy-based controls. KubeArmor lessens the attack surface on pods, containers, and virtual machines. ... -
2
Pacu
The AWS exploitation framework, designed for testing security
...Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation. -
3
Retire.js
Scanner detecting the use of JavaScript libraries
...The goal of Retire.js is to help you detect the use of versions with known vulnerabilities. Scan a web app or node app for use of vulnerable JavaScript libraries and/or node modules. grunt-retire scans your grunt-enabled app for use of vulnerable JavaScript libraries and/or node modules. Scans visited sites for references to insecure libraries and puts warnings in the developer console. An icon on the address bar displays will also indicate if vulnerable libraries were loaded. Retire.js has been adapted as a plugin for the penetration testing tools Burp and OWASP ZAP. -
4
Xteam
All-in-one command-line toolkit for security testing and OSINT tools
...Xteam’s architecture uses a main bash script that serves as the hub for running internal modules or downloading and executing external projects when needed. It can operate on Linux systems as well as Android devices using Termux, making it accessible in both desktop and mobile environments. -
Securden Privileged Account ManagerDiscover and manage administrator, service, and web app passwords, keys, and identities. Automate management with approval workflows. Centrally control, audit, monitor, and record all access to critical IT assets.
-
5
Flowsint
Graph-based OSINT investigation platform w visual relationship mapping
...The system includes automated enrichers that gather additional intelligence about entities such as domain records, social media profiles, network infrastructure, and cryptocurrency activity. Its modular architecture separates the frontend application, API server, core services, and enrichment modules, making the platform extensible and easier to expand with new investigative capabilities. -
6
Argus
Python toolkit for OSINT and reconnaissance with 135+ modules
...The tool enables users to collect data about networks, domains, web applications, and infrastructure in an organized and efficient manner. Argus includes a modular architecture with more than 130 modules that support activities such as DNS analysis, port scanning, web application inspection, and threat intelligence lookups. Its interactive CLI allows users to browse available modules, configure targets, run scans, and review results from within a unified interface. The project aims to reduce the complexity of using multiple separate reconnaissance tools by bringing them together in one streamlined platform. ... -
7
OWASP Maryam
Modular OSINT framework for automated open-source intelligence gatheri
...Maryam helps security researchers and analysts streamline routine data-gathering tasks that typically involve searching multiple sources such as Google, Bing, or other online platforms. Maryam organizes its functionality into several modules that focus on different aspects of intelligence gathering, including footprint analysis, OSINT data extraction, and general search operations. -
8
Wazuh
The Open Source Security Platform
Wazuh is an open-source, unified security platform that delivers extended detection and response (XDR) and SIEM capabilities for on-premises, cloud, container, and endpoint environments. It provides comprehensive threat prevention, detection, integrity monitoring, incident response, and compliance monitoring. SIEM functionality to monitor security across endpoints, workloads, and containers. Centralized architecture enabling scalable deployment and unified management. Easy deployment with... -
9
Devise
Flexible authentication solution for Rails with Warden
Devise is a flexible authentication solution for Rails that is based on Warden, a general Rack authentication framework. It is a complete MVC solution based on Rails engines that lets you have several models signed in at the same time. It consists of 10 modules: 1. Authenticatable Module, responsible for password hashing and validating user authenticity when signing in 2. Omniauthable adds OmniAuth support 3. Confirmable is responsible for verifying if an account is already confirmed during sign in 4. Recoverable oversees the resetting of the user password and sends reset instructions 5. ... -
Get full visibility and control over your tasks and projects with Wrike.Wrike offers world-class features that empower cross-functional, distributed, or growing teams take their projects from the initial request stage all the way to tracking work progress and reporting results.
-
10
reconFTW
Automated framework for domain reconnaissance and vulnerability scans.
...The framework integrates many external security utilities and coordinates them to produce comprehensive reconnaissance results efficiently. Its modular design allows users to customize the process, enabling or disabling modules and adjusting settings according to their needs. reconFTW also provides configuration options for API keys, execution preferences, and tool paths through a dedicated configuration file. By automating complex recon tasks and combining outputs from many tools, it helps researchers quickly identify potential attacks. -
11
Wiki.js
A modern and powerful wiki app built on Node.js
...Use 3rd-party authentication services like Google, Facebook, Microsoft, GitHub, Discord, Slack and more. Add an extra layer of security using two-factor authentication for supported authentication modules. -
12
XRAY
XRay for recon, mapping and OSINT gathering from public networks
XRAY is a modular security toolset that helps developers and security professionals analyze, fuzz, and test web applications, protocols, and network services for vulnerabilities. It provides a framework for writing and executing inspection modules that can parse structured data (JSON, XML, HTML), traverse graphs of endpoints, and perform intelligent probing guided by discovered surface area. XRay is typically used as a reconnaissance and vulnerability discovery engine in red-team or app-security workflows: it leverages extensible plugins to adapt to different protocols, inject payloads, and detect common bug classes such as injection flaws, misconfigurations, and unsafe endpoints. ... -
13
...OpenFGA is designed to make it easy for developers to model their application permissions and add and integrate fine-grained authorization into their applications. It allows in-memory data storage for quick development, as well as pluggable database modules. It currently supports PostgreSQL 14, MySQL 8, and SQLite (currently in beta). It offers an HTTP API and a gRPC API. It has SDKs for Java, Node.js/JavaScript, GoLang, Python, and .NET. Look in our Community section for third-party SDKs and tools. It can also be used as a library. OpenFGA takes the best ideas from Google's Zanzibar paper for Relationship-Based Access Control, and also solves problems for Role-based Access Control and Attribute-Based Access Control use cases. ...
-
14
User Scanner
Scan usernames and emails across many platforms from the CLI
user-scanner is a command-line OSINT tool designed to analyze the presence and availability of usernames and email addresses across many online platforms. It helps users quickly determine whether a specific username or email is already associated with accounts on social networks, developer platforms, creator communities, gaming services, and other sites. user-scanner is useful for security researchers, investigators, and analysts performing open source intelligence, as well as individuals or... -
15
Osquery
SQL operating system instrumentation and monitoring framework
...This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser plugins, hardware events or file hashes.Osquery queries your devices like a database. Osquery uses basic SQL commands to leverage a relational data-model to describe a device. Frequently, attackers will leave a malicious process running but delete the original binary on disk. This query returns any process whose original binary has been deleted, which could be an indicator of a suspicious process. -
16
GHunt
Offensive Google framework
GHunt (v2) is an offensive Google framework, designed to evolve efficiently. It's currently focused on OSINT, but any use related with Google is possible. It will automatically use venvs to avoid dependency conflicts with other projects. First, launch the listener by doing ghunt login and choose between 1 of the 2 first methods. Put GHunt on listening mode (currently not compatible with docker) Paste base64-encoded cookies. Enter manually all cookies. The development of this extension has... -
17
tfsec
Security scanner for your Terraform code
tfsec is a static analysis security scanner for your Terraform code. Designed to run locally and in your CI pipelines, developer-friendly output and fully documented checks mean detection and remediation can take place as quickly and efficiently as possible. tfsec takes a developer-first approach to scanning your Terraform templates; using static analysis and deep integration with the official HCL parser it ensures that security issues can be detected before your infrastructure changes take... -
18
Flipper Android App
Android Mobile app to rule all Flipper's family
Flipper Android App is the official Android-based companion application that provides full control and management capabilities for the Flipper Zero device through a modular and scalable mobile architecture. Built primarily in Kotlin, the app is structured into multiple components that separate core logic, communication layers, and feature modules, enabling maintainability and extensibility for future development. It establishes a communication bridge between Android devices and Flipper Zero, allowing users to interact with hardware features such as infrared remotes, RFID/NFC tools, and Sub-GHz radio functionalities directly from their smartphone. The app supports file browsing, data transfer, and device configuration, making it a comprehensive control center for managing the Flipper ecosystem. ... -
19
BeEF
The browser exploitation framework project
...Unlike other security frameworks, BeEF looks past the hardened network perimeter and client system, and examines exploitability within the context of the one open door: the web browser. BeEF will hook one or more web browsers and use them as beachheads for launching directed command modules and further attacks against the system from within the browser context. -
20
Typhoon
Minimal and free Kubernetes distribution with Terraform
...Typhoon provides a Terraform Module for each supported operating system and platform. Define a Kubernetes cluster by using the Terraform module for your chosen platform and operating system. Initialize modules, plan the changes to be made, and apply the changes. Typhoon is strict about minimalism, maturity, and scope. Typhoon powers the author's cloud and colocation clusters. The project has evolved through operational experience and Kubernetes changes. Typhoon is shared under a free license to allow others to use the work freely and contribute to its upkeep. -
21
PoshC2
C2 framework used to aid red teamers with post-exploitation
PoshC2 is a proxy-aware C2 framework used to aid penetration testers with red teaming, post-exploitation and lateral movement. PoshC2 is primarily written in Python3 and follows a modular format to enable users to add their own modules and tools, allowing an extendible and flexible C2 framework. Out-of-the-box PoshC2 comes PowerShell/C# and Python2/Python3 implants with payloads written in PowerShell v2 and v4, C++ and C# source code, a variety of executables, DLLs and raw shellcode in addition to a Python2/Python3 payload. These enable C2 functionality on a wide range of devices and operating systems, including Windows, *nix and OSX. ... -
22
Nano ID
A secure, URL-friendly, unique string ID generator for JavaScript
...This calculator aims to help you realize the extent to which the ID length can be reduced. Instead of using the unsafe Math.random(), Nano ID uses the crypto module in Node.js and the Web Crypto API in browsers. These modules use unpredictable hardware random generator. Uniformity, random % alphabet is a popular mistake to make when coding an ID generator. The distribution will not be even; there will be a lower chance for some symbols to appear compared to others. So, it will reduce the number of tries when brute-forcing. Nano ID uses a better algorithm and is tested for uniformity. -
23
BBOT
The recursive internet scanner for hackers
...It operates as a modular and recursive scanning tool that can enumerate subdomains, perform port scans, gather metadata, and collect web intelligence through a unified command-line interface. The project emphasizes extensibility, allowing users to create or integrate custom modules that expand the scope of reconnaissance tasks without modifying the core engine. BBOT is particularly valuable for security researchers and red teamers who need to automate multi-stage discovery processes across complex infrastructures. Its architecture supports chaining multiple reconnaissance techniques together, enabling continuous discovery rather than one-off scans. ... -
24
GOAD (Game of Active Directory)
game of active directory
GOAD (Gather Open Attack Data) is a security reconnaissance framework for collecting, enriching, and visualizing open-source intelligence (OSINT) around hosts, domains, and certificates. It automates queries to certificate transparency logs, passive DNS, subdomain enumeration, web endpoints, and other public threat feeds. The tool aggregates results into structured formats and can produce interactive graphs to highlight relationships between entities (e.g. domain → IP → cert → ASN). Analysts... -
25
x64dbg
An open-source x64/x32 debugger for windows.
An open-source x64/x32 debugger for windows. Development is done on GitHub (https://github.com/x64dbg/x64dbg). Daily snapshots are uploaded here, snapshots for every commit can be found on http://releases.x64dbg.com
