Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail for Repeat Offenders

EMBA - The firmware security analyzer

MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way in directories and with various formats.

Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.

Remote command execution vulnerability scanner for Log4j.

Nucleimonst3r is a powerful vulnerability scanner that can help Bug Bounty Hunters find low hanging fruit vulnerabilities for known CVEs and exploits but also gather all the technology running behind them for further investigation for a potential target.

Streamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.

A simple program written in bash that contains basic Linux network tools, information gathering tools and scanning tools.

Designed to scan and exploit vulnerabilities within Tor hidden services. TORhunter allows most tools to work as normal while resolving .onion

Discover the attack surface and prioritize risks with our continuous Attack Surface Management (ASM) platform - Sn1per Professional #pentest #redteam #bugbounty

ScanPro - NMap Scanning Scripts ~ Network Mapper

A vulnerability fuzzing tool written in bash, it contains the most commonly used tools to perform vulnerability scan

Sifter - All purpose penetration testing op-center

Harbor in Kubernetes

An Automated Mass Network Vulnerability Scanner and Recon Tool

Inside403 is a powerful and versatile web security testing tool designed to assess the robustness of web pages and directories against 403 Forbidden errors. This tool is specifically crafted for security professionals, penetration testers, and ethical hackers who seek to identify potential vulnerabilities in web applications.

Random IPv6 - circumvents restrictive IP address-based filter and blocking rules

Shell scripts to identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability. Versions 5.6.0 and 5.6.1 of xz-utils are known to be vulnerable, and this script aids in detecting them and optionally downgrading to a stable, un-compromised version (5.4.6) or upgrading to latest version. Added Ansible Playbook