ONYPHE is a search engine for open-source and cyber threat intelligence data collected by crawling various sources available on the Internet or by listening to Internet background noise. ONYPHE correlates this information with data gathered by performing active Internet scanning for connected devices. It then normalizes information and make it available via an API and its search language.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more. Some of this stuff can be used to prime discovery operations.
Homepage of the PLA. Fun stuff, here!
Clair is a FOSS utility for conducting static security analysis of Linux containers, Docker containers in particular. Clair continually updates its internal index of known vulnerabilities so it can keep constant watch over what it monitors. Has a modular architecture to make it easier to extend the project without having to fork() it. Also designed to fit into a CI/CD pipeline to monitor in-house containers as they're built. Plugs into Kubernetes. Requires Postgres. Written in Go. sysadmin infosec scanner scanning