Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
☆1,299Mar 6, 2026Updated this week
Alternatives and similar repositories for horusec
Users that are interested in horusec are comparing it to the libraries listed below
Sorting:
- Static Application Security Testing (SAST) engine focused on covering the OWASP Top 10, to make source code analysis to find vulnerabilit…☆551Apr 10, 2022Updated 3 years ago
- Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependenci…☆869Sep 1, 2023Updated 2 years ago
- Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.☆2,577Updated this week
- Performing security tests inside your CI☆591May 15, 2024Updated last year
- Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.☆14,285Feb 27, 2026Updated last week
- Open-Source Unified Vulnerability Management, DevSecOps & ASPM☆4,549Updated this week
- Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more☆32,947Updated this week
- Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.☆5,201Nov 20, 2025Updated 3 months ago
- Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabl…☆27,300Updated this week
- An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses☆1,763Jul 31, 2025Updated 7 months ago
- A source code static analysis platform for AppSec enthusiasts.☆270Dec 8, 2025Updated 2 months ago
- Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastruct…☆2,575Updated this week
- Semgrep Community Edition rules, maintained by Semgrep and the community. Free to use under the Semgrep Rules License.☆1,088Updated this week
- ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.☆2,441Jun 11, 2025Updated 8 months ago
- 🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.☆4,859Feb 28, 2026Updated last week
- A vulnerability scanner for container images and filesystems☆11,652Updated this week
- The Swiss Army knife for automated Web Application Testing☆2,323May 8, 2024Updated last year
- OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependen…☆7,445Updated this week
- OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.☆184Jul 21, 2025Updated 7 months ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,080Feb 24, 2026Updated last week
- SCodeScanner stands for Source Code scanner where the user can scans the source code for finding the Critical Vulnerabilities.☆162Jul 17, 2023Updated 2 years ago
- The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala proje…☆2,412Jun 17, 2025Updated 8 months ago
- APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is int…☆956Jan 17, 2025Updated last year
- Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supp…☆3,631Updated this week
- Fast web fuzzer written in Go☆15,679Apr 24, 2025Updated 10 months ago
- Software for fuzzing, used on web application pentestings.☆178Mar 8, 2024Updated last year
- Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…☆13,160Updated this week
- reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via E…☆8,497Nov 16, 2025Updated 3 months ago
- Attack Surface Management Platform☆9,435Feb 15, 2026Updated 2 weeks ago
- Quickly discover exposed hosts on the internet using multiple search engines.☆2,827Feb 25, 2026Updated last week
- A fast tool to scan CRLF vulnerability written in Go☆1,520Feb 23, 2026Updated last week
- Community curated list of templates for the nuclei engine to find security vulnerabilities.☆12,015Updated this week
- nodejsscan is a static security code scanner for Node.js applications.☆2,553Oct 10, 2025Updated 4 months ago
- njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.☆423Nov 14, 2024Updated last year
- Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the ac…☆1,774Apr 26, 2024Updated last year
- An OOB interaction gathering server and client library☆4,212Feb 26, 2026Updated last week
- ScareCrow - Payload creation framework designed around EDR bypass.☆2,874Aug 18, 2023Updated 2 years ago
- A Tool for Domain Flyovers☆5,904May 22, 2022Updated 3 years ago
- Corsair_scan is a security tool to test Cross-Origin Resource Sharing (CORS).☆123Apr 14, 2023Updated 2 years ago