security

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

A collection of various awesome lists for hackers, pentesters and security researchers

List of Computer Science courses with video lectures.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisat...

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Comfortably monitor your Internet traffic 🕵️‍♂️

Set up a personal VPN in the cloud

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

The official NGINX Open Source repository.

⚙️ NGINX config generator on steroids 💉

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Proxmox VE Helper-Scripts (Community Edition)

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.

🕵️‍♂️ All-in-one OSINT tool for analysing any website

OpenZeppelin Contracts is a library for secure smart contract development.

An evolving how-to guide for securing a Linux server.

Find secrets with Gitleaks 🔑

Infisical is the open-source platform for secrets, certificates, and privileged access management.

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collabora...

eBPF-based Networking, Security, and Observability

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (...

SQL powered operating system instrumentation, monitoring, and analytics.

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Community guide to securing and improving privacy on macOS.

UNIX-like reverse engineering framework and command-line toolset

Empowering People Ethically 🚀 — Matomo is hiring! Join us → https://matomo.org/jobs Matomo is the leading open-source alternative to Google Analytics...

Simple and flexible tool for managing secrets

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

Security Guide for Developers

The authentication glue you need.

Find, verify, and analyze leaked credentials

🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.

The easiest, and most secure way to access and protect all of your infrastructure.

Manage your dotfiles across multiple diverse machines, securely.

Free and Open Source Reverse Engineering Platform powered by rizin

🤖 The Modern Port Scanner 🤖

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

Daemon to ban hosts that cause multiple authentication errors

AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents

Internet-scale OpenID Certified™ OpenID Connect and OAuth2.1 provider that integrates with your user management through headless APIs. Solve OIDC/OAut...

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of c...

Get Android app updates straight from the source.