Shell security-tools

Open-source Shell projects categorized as security-tools Edit details

Top 20 Shell security-tool Projects

  • lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Project mention: Linux security | reddit.com/r/sysadmin | 2022-09-16
  • my-arsenal-of-aws-security-tools

    List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

    Project mention: Using Prowler to Audit your AWS account for vulnerabilities. | dev.to | 2022-05-05

    Few days ago I came across this repository and I found Prowler(Go Star the repo).

  • SonarLint

    Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.

  • prowler

    Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

    Project mention: Opensource equivalent of Sailpoint | reddit.com/r/sysadmin | 2022-09-25

    You’re not going to find a shiny enterprise web ui for free but there are tools out there. If you just want to review AWS accounts, you can use prowler https://github.com/prowler-cloud/prowler

  • Sn1per

    Attack Surface Management Platform | Sn1perSecurity LLC

    Project mention: Are there any good automated attack tools besides Pentera? | reddit.com/r/cybersecurity | 2022-05-10

    Sn1per https://github.com/1N3/Sn1per

  • linux-exploit-suggester

    Linux privilege escalation auditing tool

  • Android-PIN-Bruteforce

    Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

    Project mention: Does Google want thieves to unlock Android devices? | reddit.com/r/AndroidQuestions | 2022-08-18

    There are only 10,000 possible 4-digit PIN codes. We can assume that it would take around 40 seconds for someone to try 5 of them. That means it would take 80,000 seconds to try all 10,000. That's 1,333 minutes or 22 hours of non-stop brute-forcing, and there are tools like this one to automate the process.

  • content

    Security automation content in SCAP, Bash, Ansible, and other formats (by ComplianceAsCode)

    Project mention: Ansible for automation/ hardening. | reddit.com/r/ansible | 2022-08-10
  • talent.io

    Download talent.io’s Tech Salary Report. Median salaries, most in-demand technologies, state of the remote work... all you need to know your worth on the market by tech recruitment platform talent.io

  • EMBA

    EMBA - The firmware security analyzer

    Project mention: OFRAK (Open Firmware Reverse Analysis Konsole): a recently released new tool for analysing embedded firmware | reddit.com/r/ReverseEngineering | 2022-08-11
  • graudit

    grep rough audit - source code auditing tool

    Project mention: Source Code Review Resources for Beginners | reddit.com/r/cybersecurity_help | 2022-07-20
  • hardening

    Hardening Ubuntu. Systemd edition.

  • awesome-bbht

    A bash script that will automatically install a list of bug hunting tools that I find interesting for recon, exploitation, etc. (minus burp) For Ubuntu/Debain.

    Project mention: Some information and advice about DDoS, from someone who was there during #opPayback | reddit.com/r/anonymous | 2022-02-27
  • proxmox_toolbox

    A toolbox to get the firsts configurations of Proxmox VE / BS done in no time

    Project mention: Whats my next server? | reddit.com/r/homelab | 2022-09-15
  • macos-scripts

    Various scripts for macOS tasks

    Project mention: Is there a way to automatically delete all my 32-bit (non-compatible) apps on my new MacBook? | reddit.com/r/mac | 2022-08-29

    Otherwise, you could look into running a shell script that could do this for you. I’m pretty sure its possible, but i have no experience with it. I Googled this one for you: https://github.com/0xmachos/macos-scripts it has a script that seems to be able to detect 32bits application.

  • MixewayHub

    Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and run images from docker hub.

    Project mention: What vulnerability management tool for modern DevSecOps? | reddit.com/r/devsecops | 2022-08-01

    Check Mixeway https://github.com/Mixeway/MixewayHub - vuln management, scanner management (multiple scanners managed from single dashboard) beta AI for classification and easy CICD integrations

  • ActiveDirectoryAttackTool

    ADAT is a small tool used to assist CTF players and Penetration testers with easy commands to run against an Active Directory Domain Controller. This tool is is best utilized using a set of known credentials against the host.

    Project mention: A tool to help with Active Directory and Windows | reddit.com/r/oscp | 2022-06-19

    ADAT: https://github.com/The-Viper-One/ActiveDirectoryAttackTool

  • MassVulScan

    Bash script which quickly identifies open network ports and any associated vulnerabilities / Script Bash qui permet d'identifier rapidement les ports réseaux ouverts et les éventuelles vulnérabilités associées.

  • flipper-tools

    Cool Stuff I find or Create for Flipperzero

    Project mention: Wrote my first Mac/Flipper Ducky Script 🦆🐬 It captures image in photo booth, opens gmail, and sends image to pre defined email address | reddit.com/r/flipperzero | 2022-09-03

    Nice! Check out mine https://github.com/nwhistler/flipper-tools/tree/master/badusb/MacOS

  • css

    Asymmetric encryption of the Clip Board to secure it with CSS(Copy Securely Secrets) with RSA encryption/decryption algorithms. (by Sanix-Darker)

  • cfn-security

    A simple GitHub Action for AWS CloudFormation static code analysis to improve infrastructure-as-code security.

  • wafaray

    Enhance your malware detection with WAF + YARA (WAFARAY)

    Project mention: Enhance your malware detection with WAF + YARA (WAFARAY) | reddit.com/r/netsec | 2022-09-27
  • InfluxDB

    Build time-series-based applications quickly and at scale.. InfluxDB is the Time Series Data Platform where developers build real-time applications for analytics, IoT and cloud-native services in less time with less code.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-09-27.

Shell security-tools related posts

Index

What are some of the best open-source security-tool projects in Shell? This list will help you:

Project Stars
1 lynis 10,082
2 my-arsenal-of-aws-security-tools 7,461
3 prowler 6,605
4 Sn1per 5,583
5 linux-exploit-suggester 3,843
6 Android-PIN-Bruteforce 2,451
7 content 1,666
8 EMBA 1,387
9 graudit 1,117
10 hardening 955
11 awesome-bbht 494
12 proxmox_toolbox 115
13 macos-scripts 83
14 MixewayHub 79
15 ActiveDirectoryAttackTool 67
16 MassVulScan 41
17 flipper-tools 13
18 css 5
19 cfn-security 5
20 wafaray 0
Find remote jobs at our new job board 99remotejobs.com. There are 8 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
Truly a developer’s best friend
Scout APM is great for developers who want to find and fix performance issues in their applications. With Scout, we'll take care of the bugs so you can focus on building great things 🚀.
scoutapm.com