security

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Sur...

syzkaller is an unsupervised coverage-guided kernel fuzzer

Example recipes for Kubernetes Network Policies that you can just copy paste

Centralized network visibility and continuous asset discovery. Monitor devices, detect change, and stay aware across distributed networks.

Monitor linux processes without root permissions

curl-impersonate: A special build of curl that can impersonate Chrome & Firefox

A Tool for Domain Flyovers

An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication,...

Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!

An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems fo...

OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.

Kubernetes clusters for the hobbyist.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Top disclosed reports from HackerOne

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

A curated list of awesome infosec courses and training resources.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Scalable fuzzing infrastructure.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

Snyk CLI scans and monitors your projects for security vulnerabilities.

The Network Execution Tool

🧱 secure, local, cross-platform and programmable sandboxes for AI agents

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密...

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Automated Mass Exploiter

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Study Notes For Web Hacking / Web安全学习笔记

Private front-end for Reddit

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients.

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detectio...

A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar

Cameradar hacks its way into RTSP videosurveillance cameras

Google CTF

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Free Security and Hacking eBooks

ClearURLs is an add-on based on the new WebExtensions technology and will automatically remove tracking elements from URLs to help protect your privac...

Kanidm: A simple, secure, and fast identity management platform

An Efficient Enterprise-class Container Engine

security tips for startups

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

BleachBit system cleaner for Windows and Linux

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at m...

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devic...

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting