A proposed standard that allows websites to define security policies.
☆1,855Dec 9, 2022Updated 3 years ago
Alternatives and similar repositories for security-txt
Users that are interested in security-txt are comparing it to the libraries listed below
Sorting:
- Reconnaissance tool for GitHub organizations☆6,139Sep 20, 2022Updated 3 years ago
- SSH server auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)☆2,990Jun 28, 2024Updated last year
- Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and sys…☆15,339Jan 28, 2026Updated last month
- Find interesting Amazon S3 Buckets by watching certificate transparency logs.☆1,800Feb 28, 2025Updated last year
- HTTPLeaks - All possible ways, a website can leak HTTP requests☆2,098Jan 3, 2026Updated 2 months ago
- XRay is a tool for recon, mapping and OSINT gathering from public networks.☆2,291Jul 10, 2024Updated last year
- Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices☆12,049Updated this week
- This tool can be used to brute discover GET and POST parameters☆1,394Aug 24, 2019Updated 6 years ago
- A Tool for Domain Flyovers☆5,906May 22, 2022Updated 3 years ago
- Find secrets with Gitleaks 🔑☆25,103Feb 21, 2026Updated last week
- Security Tool to Look For Interesting Files in S3 Buckets☆1,456Apr 10, 2024Updated last year
- Testing TLS/SSL encryption anywhere on any port☆8,921Feb 19, 2026Updated last week
- Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren…☆9,219Oct 4, 2023Updated 2 years ago
- Subdomain Takeover tool written in Go☆2,028Aug 13, 2023Updated 2 years ago
- "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.☆5,565Feb 8, 2025Updated last year
- An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the r…☆3,227Nov 20, 2025Updated 3 months ago
- The Most Comprehensive Docker Security Scanner☆1,524Updated this week
- A curated list of the most common and most interesting robots.txt disallowed directories.☆1,486Aug 22, 2022Updated 3 years ago
- ☆2,316Dec 8, 2023Updated 2 years ago
- Infection Monkey - An open-source adversary emulation platform☆6,956May 1, 2025Updated 10 months ago
- A toolset to track and organize output of reconnaissance tools☆348Jan 3, 2018Updated 8 years ago
- A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications☆2,204Dec 25, 2020Updated 5 years ago
- A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)☆3,541Jul 21, 2025Updated 7 months ago
- A security testing Slackbot built with a Kubernetes backend on the Google Cloud Platform☆166Sep 14, 2024Updated last year
- Checklist of the most important security countermeasures when designing, testing, and releasing your API☆23,176Feb 10, 2026Updated 3 weeks ago
- Most advanced XSS scanner.☆14,773Apr 26, 2025Updated 10 months ago
- OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.☆12,917Updated this week
- Nginx configuration static analyzer☆8,550Jul 28, 2024Updated last year
- Memorable site for testing clients against bad SSL configs.☆2,987May 16, 2024Updated last year
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,477Jan 9, 2025Updated last year
- Find, verify, and analyze leaked credentials☆24,779Updated this week
- OSS-Fuzz - continuous fuzzing for open source software.☆11,929Updated this week
- A pretty sweet vulnerability scanner☆4,150Sep 25, 2024Updated last year
- DEPRECATED - A prototype SSH configuration and policy scanner (Blog: https://mozilla.github.io/ssh_scan/)☆788Jan 23, 2022Updated 4 years ago
- This repository contains all the material from the talk "Esoteric sub-domain enumeration techniques" given at Bugcrowd LevelUp 2017 virtu…☆629Feb 5, 2019Updated 7 years ago
- Prevents you from committing secrets and credentials into git repositories☆13,182Sep 17, 2025Updated 5 months ago
- Offensive Web Testing Framework (OWTF), is a framework which tries to unite great tools and make pen testing more efficient http://owtf.o…☆1,928Feb 16, 2026Updated 2 weeks ago
- Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation☆5,606Apr 15, 2025Updated 10 months ago
- SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in …☆69,212Updated this week