Tools starting with G
Looking for new tools to extend your tool box? The top 100 list of best security tools is a great start.
GGRC (Google Governance, Risk and Compliance)
Governance, Risk Management, and Compliance are activities necessary for any organization with regulatory or contractual obligations. The GGRC tooling helps with storing all related information and interconnecting the pieces.
GRR is a security tool for live forensics on remote systems. It uses a client-server model to obtain information from the systems and store them centrally.
GasMask is an open source intelligence gathering tool (OSINT). It can be used to discover more information about a particular target. The sources it uses include search engines like Bing, Google, and Yandex. Additionally it retrieves information from GitHub, YouTube, and social media platforms like Twitter.
GitMiner is a security tool to scan a Git repository for data leaks that may reveal sensitive information like authentication details.
Gitem is a reconnaissance tool to extract information about organizations on GitHub. It can be used to find the leaking of sensitive data.
Gitmails is a tool that explores git commits and extracts email addresses. This harvesting tool can be used to perform information gathering about individuals and companies. It may be used for penetration tests and security assessments.
Gitrob is a security tool to find sensitive information on GitHub. During the audit, it may detect passwords, API keys, or other secrets.
Glastopf is a honeypot for web applications. It is written in Python and collects all kind of attacks against it for further analysis.
Gophish is an open source phishing toolkit. Its focus is on businesses and penetration testers to test security awareness and security policies.
Gauntlt is a security toolkit that allows attacking your code. Its purpose is to be mean and test as many types of attacks and see if it can withstand them. The project is available under the MIT license and exists since 2012.
Git-crypt enables encryption and decryption of files in a Git repository. It is transparent to the user and can be used to freely share a repository containing both public and private information.
Git-secrets is a tool to prevent your secrets, like authentication details or otherwise specified patterns, to end up in a Git. This way these details won't end up in your version control system by accident.
Gitleaks is a security tool written in Golang to perform an audit on a Git software repository. Read this review to see how it works.
Gosec is a security tool that performs a static code analysis for Golang projects for security flaws. Read how it works in this review.
Graudit is a security tool to perform static code analysis by using the grep tool. It is a lightweight solution to find common issues in code.
- Archery (vulnerability assessment and management)
- Wapiti (vulnerability scanner for web applications)
- Patator (multi-purpose brute-force tool)
- BleachBit (system cleaner and privacy tool)
- OpenSCAP (suite with tools and security data)
- Lynis (security scanner and compliance auditing tool)
- BlackBox (store secrets in Git/Mercurial/Subversion)
- salt-scanner (Linux vulnerability scanner)
- Infection Monkey (security testing for data centers and networks)
- Anchore Engine (container analysis and inspection)
- Zeek (network security monitoring tool)
- ZAP (web application analysis)
- Maltrail (malicious traffic detection system)
- Vuls (agentless vulnerability scanner)
- Cppcheck (static code analyzer)
- XSStrike (XSS detection and exploitation suite)
- Decentraleyes (local CDN emulation for privacy)
- RootHelper (script to retrieve exploitation tools)
- graudit (static code analysis tool)
- Suhosin7 (Suhosin security extension for PHP 7.x)
- gosec (Golang security checker)
- siemstress (basic SIEM solution)
- CMSeeK (CMS detection and exploitation)
- Bleach (sanitizing library for Django)