diff --git a/Toolauswahl.md b/Toolauswahl.md index c05bad5..50b17a4 100644 --- a/Toolauswahl.md +++ b/Toolauswahl.md @@ -18,35 +18,35 @@ Die Ergebnisse der Recherchen wurden in einer gemeinsamen Tabelle zusammengetrag | Name | Ausgewählt | Letztes Update | Features | Repo | Homepage | Github Stars | |---------------------------------|------------------------|----------------|--------------------------------------------------------------------------------------------------------------------------------------|-----------------------------------------------|----------------------------------------|--------------| | | | | | | | | -| Vuls | Save | Dec 15, 2020 | Debian, ExploitDB, Metasploit, Node, Outdated Software, PHP, Python, RHEL, Ruby, SSL, Ubuntu, Webservers, WordPress | https://github.com/future-architect/vuls | | 8157 | -| Lynis | Save | Nov 13, 2020 | Compliance, Configurations, Intrusion Detection, Patch Management, Penetration Testing, Security Auditing, System Hardening, Vuln Detection | https://github.com/CISOfy/lynis | https://cisofy.com/lynis/#introduction | 7946 | -| Testssl.sh | Save | Dec 5, 2020 | Debian, Ports, SSL, Ubuntu, WSL, Webservers | https://github.com/drwetter/testssl.sh | https://testssl.sh/ | 4683 | -| Nikto | No (included in other) | Nov 30, 2020 | Webservers | https://github.com/sullo/nikto | | 4421 | -| Kube Bench | No | Dec 8, 2020 | Kubernetes | https://github.com/aquasecurity/kube-bench | | 3224 | -| Prowler | No | Nov 20, 2020 | AWS, Logging, Monitoring, Networking | https://github.com/toniblyx/prowler | | 2830 | -| ssh-audit | Probably No | Nov 2, 2016 | Algorithm Information, Key Algorithms, SSH | https://github.com/arthepsy/ssh-audit | | 2662 | -| NMAP Vulns | No (included in other) | Nov 12, 2020 | CVE Scanning, Ports | https://github.com/vulnersCom/nmap-vulners | | 2207 | -| ScoutSuite (former AWS Scout2) | No | Oct 24, 2020 | AWS, Alibaba Cloud, Azure, Google Cloud Platform, Oracle Cloud Infrastructure | https://github.com/nccgroup/ScoutSuite | | 1664 | -| Archery | No | Nov 27, 2020 | Hosts own Vuln-Scan service | https://github.com/archerysec/archerysec | https://vuls.io/ | 1532 | -| Scanner for PHP.ini | No | Feb 4, 2018 | PHP | https://github.com/psecio/iniscan | | 1451 | -| sslscan2 | No (included in other) | Dec 9, 2020 | OpenSSl, SSL | https://github.com/rbsec/sslscan | | 1222 | -| CloudSploit scans | No | Nov 30, 2020 | AWS, Azure, Google Cloud Platform | https://github.com/aquasecurity/cloudsploit | https://cloudsploit.com/ | 1173 | -| Anchore Engine | Probably | Nov 25, 2020 | CentOS, Debian, Docker, Hosts own Vuln-Scan service, Monitoring, RHEL, Ubuntu | https://github.com/anchore/anchore-engine | https://docs.anchore.com/current/ | 1099 | -| OpenVAS | No (included in other) | Dec 1, 2020 | Networking | https://github.com/greenbone/openvas | https://community.greenbone.net/ | 938 | -| Cloud Security Suite (cs-suite) | Probably No | Oct 24, 2020 | AWS, Azure, Debian, Google Cloud Platform, Ubuntu | https://github.com/SecurityFTW/cs-suite | https://securityftw.github.io/ | 774 | -| ssh_scan | No | Nov 5, 2020 | Configurable, SSH | https://github.com/mozilla/ssh_scan | | 736 | -| VHostScan | No | Sep 1, 2020 | HTTP, Webservers | https://github.com/codingo/VHostScan | | 715 | -| OpenSCAP | No | Nov 25, 2020 | CWE, SCAP | https://github.com/OpenSCAP/openscap/releases | http://www.open-scap.org/ | 698 | -| Zeus | No | Oct 3, 2019 | AWS | https://github.com/DenizParlak/Zeus | | 620 | -| JShielder | Save | Aug 21, 2019 | Apache, Compilers, Critical Files, Cronjobs, Fail2Ban, IpTables, Kernel, MySql, PHP, SSH | https://github.com/Jsitech/JShielder | | 458 | -| otseca | Save | Mar 24, 2020 | Distribution, External, Kernel, Networking, Permissions, System | https://github.com/trimstray/otseca | | 408 | -| Bash Scanner | No | Dec 8, 2016 | Apache, Debian, Nginx, OpenSSH, OpenSSl, Outdated Software, PHP, Ubuntu | https://github.com/PatrolServer/bashscanner | | 377 | -| arch-audit | No | Dec 1, 2020 | Arch | https://github.com/ilpianista/arch-audit | | 267 | -| LUNAR | Probably No | Sep 23, 2020 | AWS, CentOS, Debian, Docker, RHEL, Ubuntu | https://github.com/lateralblast/lunar | | 236 | -| G-Scout | | Apr 11, 2019 | Google Cloud Platform | https://github.com/nccgroup/G-Scout | | 206 | -| DAudit | | Jun 21, 2020 | BigData, Hadoop, MongoDB, MySql, Redis, Spark | https://github.com/shouc/daudit | | 104 | -| Nix Auditor | | Jul 10, 2020 | CentOS, RHEL | https://github.com/XalfiE/Nix-Auditor | | 63 | -| orthrus | No | Oct 26, 2017 | (unstable), EC2, IAM configurations | https://github.com/pbnj/orthrus | | 17 | -| sshsec | No | Aug 29, 2017 | SSH | https://github.com/Knio/sshsec | | 12 | -| System Security Checker | No | Aug 31, 2019 | CVE Scanning | https://github.com/infertux/sysechk | | 11 | -| YASAT | No | Aug 30, 2016 | Apache, Bind DNS, Kernel, MySql, OpenVPN, PHP, Samba, Squid, Tomcat | https://github.com/montjoie/yasat | | 10 | \ No newline at end of file +| Vuls | Ja | Dec 15, 2020 | Debian, ExploitDB, Metasploit, Neinde, Outdated Software, PHP, Python, RHEL, Ruby, SSL, Ubuntu, Webservers, WordPress | https://github.com/future-architect/vuls | | 8157 | +| Lynis | Ja | Neinv 13, 2020 | Compliance, Configurations, Intrusion Detection, Patch Management, Penetration Testing, Security Auditing, System Hardening, Vuln Detection | https://github.com/CISOfy/lynis | https://cisofy.com/lynis/#introduction | 7946 | +| Testssl.sh | Ja | Dec 5, 2020 | Debian, Ports, SSL, Ubuntu, WSL, Webservers | https://github.com/drwetter/testssl.sh | https://testssl.sh/ | 4683 | +| Nikto | Nein (teil eines anderen) | Neinv 30, 2020 | Webservers | https://github.com/sullo/nikto | | 4421 | +| Kube Bench | Nein | Dec 8, 2020 | Kubernetes | https://github.com/aquasecurity/kube-bench | | 3224 | +| Prowler | Nein | Neinv 20, 2020 | AWS, Logging, Monitoring, Networking | https://github.com/toniblyx/prowler | | 2830 | +| ssh-audit | Eher Nein | Neinv 2, 2016 | Algorithm Information, Key Algorithms, SSH | https://github.com/arthepsy/ssh-audit | | 2662 | +| NMAP Vulns | Nein (teil eines anderen) | Neinv 12, 2020 | CVE Scanning, Ports | https://github.com/vulnersCom/nmap-vulners | | 2207 | +| ScoutSuite (former AWS Scout2) | Nein | Oct 24, 2020 | AWS, Alibaba Cloud, Azure, Google Cloud Platform, Oracle Cloud Infrastructure | https://github.com/nccgroup/ScoutSuite | | 1664 | +| Archery | Nein | Neinv 27, 2020 | Hosts own Vuln-Scan service | https://github.com/archerysec/archerysec | https://vuls.io/ | 1532 | +| Scanner for PHP.ini | Nein | Feb 4, 2018 | PHP | https://github.com/psecio/iniscan | | 1451 | +| sslscan2 | Nein (teil eines anderen) | Dec 9, 2020 | OpenSSl, SSL | https://github.com/rbsec/sslscan | | 1222 | +| CloudSploit scans | Nein | Neinv 30, 2020 | AWS, Azure, Google Cloud Platform | https://github.com/aquasecurity/cloudsploit | https://cloudsploit.com/ | 1173 | +| Anchore Engine | Eher | Neinv 25, 2020 | CentOS, Debian, Docker, Hosts own Vuln-Scan service, Monitoring, RHEL, Ubuntu | https://github.com/anchore/anchore-engine | https://docs.anchore.com/current/ | 1099 | +| OpenVAS | Nein (teil eines anderen) | Dec 1, 2020 | Networking | https://github.com/greenbone/openvas | https://community.greenbone.net/ | 938 | +| Cloud Security Suite (cs-suite) | Eher Nein | Oct 24, 2020 | AWS, Azure, Debian, Google Cloud Platform, Ubuntu | https://github.com/SecurityFTW/cs-suite | https://securityftw.github.io/ | 774 | +| ssh_scan | Nein | Neinv 5, 2020 | Configurable, SSH | https://github.com/mozilla/ssh_scan | | 736 | +| VHostScan | Nein | Sep 1, 2020 | HTTP, Webservers | https://github.com/codingo/VHostScan | | 715 | +| OpenSCAP | Nein | Neinv 25, 2020 | CWE, SCAP | https://github.com/OpenSCAP/openscap/releases | http://www.open-scap.org/ | 698 | +| Zeus | Nein | Oct 3, 2019 | AWS | https://github.com/DenizParlak/Zeus | | 620 | +| JShielder | Ja | Aug 21, 2019 | Apache, Compilers, Critical Files, Cronjobs, Fail2Ban, IpTables, Kernel, MySql, PHP, SSH | https://github.com/Jsitech/JShielder | | 458 | +| otseca | Ja | Mar 24, 2020 | Distribution, External, Kernel, Networking, Permissions, System | https://github.com/trimstray/otseca | | 408 | +| Bash Scanner | Nein | Dec 8, 2016 | Apache, Debian, Nginx, OpenSSH, OpenSSl, Outdated Software, PHP, Ubuntu | https://github.com/PatrolServer/bashscanner | | 377 | +| arch-audit | Nein | Dec 1, 2020 | Arch | https://github.com/ilpianista/arch-audit | | 267 | +| LUNAR | Eher Nein | Sep 23, 2020 | AWS, CentOS, Debian, Docker, RHEL, Ubuntu | https://github.com/lateralblast/lunar | | 236 | +| G-Scout | Nein | Apr 11, 2019 | Google Cloud Platform | https://github.com/nccgroup/G-Scout | | 206 | +| DAudit | Nein | Jun 21, 2020 | BigData, Hadoop, MongoDB, MySql, Redis, Spark | https://github.com/shouc/daudit | | 104 | +| Nix Auditor | Nein | Jul 10, 2020 | CentOS, RHEL | https://github.com/XalfiE/Nix-Auditor | | 63 | +| orthrus | Nein | Oct 26, 2017 | (unstable), EC2, IAM configurations | https://github.com/pbnj/orthrus | | 17 | +| sshsec | Nein | Aug 29, 2017 | SSH | https://github.com/Knio/sshsec | | 12 | +| System Security Checker | Nein | Aug 31, 2019 | CVE Scanning | https://github.com/infertux/sysechk | | 11 | +| YASAT | Nein | Aug 30, 2016 | Apache, Bind DNS, Kernel, MySql, OpenVPN, PHP, Samba, Squid, Tomcat | https://github.com/montjoie/yasat | | 10 | \ No newline at end of file