Tools starting with G

Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.

GasMask

GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter.

gauntlt

Gauntlt is a security toolkit that allows attacking your code. Its purpose is to be mean and test as many types of attacks and see if it can withstand them. The project is available under the MIT license and exists since 2012.

GGRC (Google Governance, Risk and Compliance)

Governance, Risk Management, and Compliance are activities necessary for any organization with regulatory or contractual obligations. The GGRC tooling helps with storing all related information and interconnecting the pieces.


Latest release: 2.20.0-Pumpkin [Oct. 28, 2019]

git-crypt

Git-crypt enables encryption and decryption of files in a Git repository. It is transparent to the user and can be used to freely share a repository containing both public and private information.

Gitem

Gitem is a reconnaissance tool to extract information about organizations on GitHub. It can be used to find the leaking of sensitive data.

gitleaks

Gitleaks is a security tool written in Golang to perform an audit on a Git software repository. Read this review to see how it works.


Latest release: 2.1.0 [Aug. 1, 2019]

Gitmails

Gitmails is a tool that explores git commits and extracts email addresses. This harvesting tool can be used to perform information gathering about individuals and companies. It may be used for penetration tests and security assessments.

GitMiner

GitMiner is a security tool to scan a Git repository for data leaks that may reveal sensitive information like authentication details.

Gitrob

Gitrob is a security tool to find sensitive information on GitHub. During the audit, it may detect passwords, API keys, or other secrets.

git-secrets

Git-secrets is a tool to prevent your secrets, like authentication details or otherwise specified patterns, to end up in a Git. This way these details won't end up in your version control system by accident.


Latest release: 1.3.0 [Feb. 10, 2019]

Glastopf

Glastopf is a honeypot for web applications. It is written in Python and collects all kind of attacks against it for further analysis.

Gophish

Gophish is an open source phishing toolkit. Its focus is on businesses and penetration testers to test security awareness and security policies.


Latest release: 0.8.0 [Aug. 12, 2019]

gosec

Gosec is a security tool that performs a static code analysis for Golang projects for security flaws. Read how it works in this review.


Latest release: 2.1.0 [Oct. 9, 2019]

graudit

Graudit is a security tool to perform static code analysis by using the grep tool. It is a lightweight solution to find common issues in code.


Latest release: 2.3 [Oct. 15, 2019]

GRR Rapid Response

GRR is a security tool for live forensics on remote systems. It uses a client-server model to obtain information from the systems and store them centrally.


Latest release: 3.3.0.8 [Oct. 9, 2019]
RSS feed icon for Linux security tools

Recently reviewed

  • Wapiti (vulnerability scanner for web applications)
  • Vuls (agentless vulnerability scanner)
  • Cppcheck (static code analyzer)
  • Zeek (network security monitoring tool)
  • XSStrike (XSS detection and exploitation suite)
  • Decentraleyes (local CDN emulation for privacy)
  • RootHelper (script to retrieve exploitation tools)
  • graudit (static code analysis tool)
  • Suhosin7 (Suhosin security extension for PHP 7.x)
  • gosec (Golang security checker)
  • siemstress (basic SIEM solution)
  • CMSeeK (CMS detection and exploitation)
  • Malice (VirusTotal clone)
  • Bleach (sanitizing library for Django)
  • SQLMate (a friend of SQLMap with additional features)
  • Termineter (smart meter security framework)
  • tlsenum (enumeration tool for TLS)
  • hBlock (ad blocking and tracker/malware protection)
  • Malscan (malware scanner for web servers)
  • massh-enum (OpenSSH user enumeration)
  • BDA (vulnerability scan for Hadoop and Spark)
  • SubFinder (subdomain scanner)
  • Prowler (AWS benchmark tool)
  • GitMiner (Git data miner)
  • Hash Buster (find cleartext of hash)