security

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

A collection of various awesome lists for hackers, pentesters and security researchers

List of Computer Science courses with video lectures.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisat...

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Comfortably monitor your Internet traffic 🕵️‍♂️

🕵️‍♂️ All-in-one OSINT tool for analysing any website

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Set up a personal VPN in the cloud

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

The official NGINX Open Source repository.

⚙️ NGINX config generator on steroids 💉

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collabora...

Proxmox VE Helper-Scripts (Community Edition)

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

OpenZeppelin Contracts is a library for secure smart contract development.

KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.

An evolving how-to guide for securing a Linux server.

Find secrets with Gitleaks 🔑

Infisical is the open-source platform for secrets, certificates, and privileged access management.

Find, verify, and analyze leaked credentials

eBPF-based Networking, Security, and Observability

UNIX-like reverse engineering framework and command-line toolset

SQL powered operating system instrumentation, monitoring, and analytics.

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (...

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

Community guide to securing and improving privacy on macOS.

Simple and flexible tool for managing secrets

Empowering People Ethically 🚀 — Matomo is hiring! Join us → https://matomo.org/jobs Matomo is the leading open-source alternative to Google Analytics...

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

Security Guide for Developers

SafeLine is a self-hosted WAF(Web Application Firewall) / reverse proxy to protect your web apps from attacks and exploits.

The authentication glue you need.

🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.

The easiest, and most secure way to access and protect all of your infrastructure.

🤖 The Modern Port Scanner 🤖

Manage your dotfiles across multiple diverse machines, securely.

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

Free and Open Source Reverse Engineering Platform powered by rizin

open-source agentic AI data assistant for the next generation of AI + Data products.

Weighs the soul of incoming HTTP requests to stop AI crawlers

Daemon to ban hosts that cause multiple authentication errors

Internet-scale OpenID Certified™ OpenID Connect and OAuth2.1 provider that integrates with your user management through headless APIs. Solve OIDC/OAut...

DOMPurify - a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify works with a secure default, but offers a lot of c...