security
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
Repositories (1449)
Symfony Security Component - HTTP Integration
ToolHive is an enterprise-grade platform for running and managing Model Context Protocol (MCP) servers.
Privacy and security enhanced releases of Chromium for GrapheneOS. Vanadium provides the WebView and standard user-facing browser on GrapheneOS. It de...
Python reference implementation of The Update Framework (TUF)
网络信息安全从业者面试指南
Hardening Ubuntu. Systemd edition.
AWESOME-Azure-Architecture - https://aka.ms/AwesomeAzureArchitecture
An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻
grep rough audit - source code auditing tool
a recon tool that allows searching on URLs that are exposed via shortener services
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom D...
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL S...
Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS
BinAbsInspector: Vulnerability Scanner for Binaries
Interactive CTF Exploration Tool
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable component...
CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography;...
OpenVPN server installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS, Fedora, openSUSE, Amazon Linux 2 and Raspberry Pi OS
A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.
Database anonymization, synthetic data generation and logical dump
veinmind-tools 是由长亭科技自研,基于 veinmind-sdk 打造的容器安全工具集
OSX and iOS related security tools
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web...
各种安全相关思维导图整理收集。渗透步骤,web安全,CTF,业务安全,人工智能,区块链安全,数据安全,安全开发,无线安全,社会工程学,二进制安全,移动安全,...
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Industry-leading free, high-performance, AI and semantic technology Web Application Firewall and API Security Gateway (WAAP) - UUSEC WAF.
开源、轻量、快速、跨平台 的网站漏洞扫描工具,帮助您快速检测网站安全隐患。功能 端口扫描(port scan) 指纹识别(fingerprint) 漏洞检测(nday check) 智能爆破...
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory enviro...
Checklist for container security - devsecops practices
Secure Boot & Measured Boot for NixOS [maintainers=@blitz @raitobezarius @nikstur]
🧵 CLI tool for directly patching container images!
The most flexible and standards-compliant OpenID Connect and OAuth 2.x framework for ASP.NET Core
safely install npm packages by auditing them pre-install stage
A chronological and (hopefully) complete list of reentrancy attacks to date.
A service that analyzes docker images and scans for vulnerabilities
A Suricata based NDR distribution
Sandbox your local AI agents so they can read/write only what they need
Extract one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR...
DarkFlare Firewall Piercing (TCP over CDN)
🚫 Advanced tool for security researchers to bypass 403/40X restrictions through smart techniques and adaptive request manipulation. Fast. Precise. Ef...
Miscellaneous exploit code
A Anti-DDoS script to protect Nginx web servers using Lua with a HTML Javascript based authentication puzzle inspired by Cloudflare I am under attack...
A next generation version of enum4linux (a Windows/Samba enumeration tool) with additional features like JSON/YAML export. Aimed for security professi...
一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出
A curation of awesome tools, documents and projects about LLM Security.
GnuPG symmetric secrets manager using Bash.
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Advanced dork Search & Mass Exploit Scanner
A curated list of awesome resources related to executable packing