security

eBPF-based Security Observability and Runtime Enforcement

⚔️ Web Hacker's Weapons / A collection of cool tools used by Web hackers. Happy hacking , Happy bug-hunting

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for...

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Knowledge Base 慢雾安全团队知识库

A binary authorization and monitoring system for macOS

Популярные HTML / CSS / JavaScript / ECMAScript / TypeScript / React / Vue / Angular / Node вопросы на интервью и ответы на них (https://tinyurl.com/w...

The Leading Security Assessment Framework for Android.

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Linux Runtime Security and Forensics using eBPF

Aya is an eBPF library for the Rust programming language, built with a focus on developer experience and operability.

CTF竞赛权威指南

📃 White paper for Backend developers

List of Awesome CobaltStrike Resources

:key: Cross-Platform Passwords & Secrets Vault

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and mana...

Secure internet sharing made simple.

Applied offensive security with Rust - https://kerkour.com/black-hat-rust

Collection of the cheat sheets useful for pentesting

Fully featured, open source, privacy friendly email app for Android

Web-Security-Learning

An OOB interaction gathering server and client library

Kscan是一款纯go开发的全方位扫描器，具备端口扫描、协议检测、指纹识别，暴力破解等功能。支持协议1200+，协议指纹10000+，应用指纹20000+，暴力破解协议10余种...

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build...

Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereu...

Static analysis for GitHub Actions

Tamper Dev is an extension that allows you to intercept and edit HTTP/HTTPS requests and responses as they happen without the need of a proxy. Works a...

🚗 A curated list of resources for learning about vehicle security and car hacking.

A collected list of awesome security talks

🐊 Policy Controller for Kubernetes

🧰 A zero trust swiss army knife for working with X509, OAuth, JWT, OATH OTP, etc.

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Hubble - Network, Service & Security Observability for Kubernetes using eBPF

Knock Subdomain Scan

Valet lets you securely store data in the iOS, tvOS, watchOS, or macOS Keychain without knowing a thing about how the Keychain works. It’s easy. We pr...

scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.

An experiment.

FEDML - The unified and scalable ML library for large-scale distributed training, model serving, and federated learning. FEDML Launch, a cross-cloud s...

Advanced vm/sandbox for Node.js

Dark Web OSINT Tool

🛡 I2P: End-to-End encrypted and anonymous Internet

Boundary enables identity-based access management for dynamic infrastructure.

✔️ Secure, simple key-value storage for Android

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DN...

CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 130+ global...

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Snoop — инструмент разведки на основе открытых данных (OSINT world)