security

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Sur...

Reconnaissance tool for GitHub organizations

syzkaller is an unsupervised coverage-guided kernel fuzzer

Example recipes for Kubernetes Network Policies that you can just copy paste

Monitor linux processes without root permissions

curl-impersonate: A special build of curl that can impersonate Chrome & Firefox

A Tool for Domain Flyovers

An Android NFC app for reading, writing, analyzing, etc. MIFARE Classic RFID tags.

OpenBao is a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.

☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication,...

Passbolt Community Edition (CE) API. The JSON API for the open source password manager for teams!

An open-source authorization as a service inspired by Google Zanzibar, designed to build and manage fine-grained and scalable authorization systems fo...

🧱 secure, local and programmable sandboxes for AI agents

Top disclosed reports from HackerOne

Kubernetes clusters for the hobbyist.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

A curated list of awesome infosec courses and training resources.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Scalable fuzzing infrastructure.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

Snyk CLI scans and monitors your projects for security vulnerabilities.

The Network Execution Tool

Ladon大型内网渗透扫描器，PowerShell、Cobalt Strike插件、内存加载、无文件扫描。含端口扫描、服务识别、网络资产探测、密码审计、高危漏洞检测、漏洞利用、密...

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Automated Mass Exploiter

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Study Notes For Web Hacking / Web安全学习笔记

Private front-end for Reddit

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

A high performance and flexible authorization/permission engine built for developers and inspired by Google Zanzibar

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskill...

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients.

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detectio...

Cameradar hacks its way into RTSP videosurveillance cameras

🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.

Google CTF

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

BleachBit system cleaner for Windows and Linux

w3af: web application attack and audit framework, the open source web vulnerability scanner.

Kanidm: A simple, secure, and fast identity management platform

Free Security and Hacking eBooks

ClearURLs is an add-on based on the new WebExtensions technology and will automatically remove tracking elements from URLs to help protect your privac...

An Efficient Enterprise-class Container Engine

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

security tips for startups

Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at m...

Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devic...