security

Symbolic execution tool

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF langua...

💚 Secure remote browsing anywhere.

Awesome hacking is an awesome collection of hacking tools.

Portable OpenSSH

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

An step by step fuzzing tutorial. A GitHub Security Lab initiative

Fast and powerful SSL/TLS scanning library.

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

💡 A hinting engine for the web

Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.

Advanced vulnerability scanning with Nmap NSE

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Cloud Security Posture Management (CSPM)

👀👮🐢🔥Performs a privacy & security check of Windows 10

State-of-the-art native debugging tools

OSCP Cheat Sheet

bluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS

Sōzu HTTP reverse proxy, configurable at runtime, fast and safe, built in Rust. It is awesome!

巡风是一款适用于企业内网的漏洞快速应急，巡航扫描系统。

Security-related Slide Presentation & Security Research Report（大安全各领域各公司各会议分享的PPT以及各类安全研究报告）

📝 Frontend Tech List for Developers 💡

A next-generation cloud native kernel designed to unlock best-in-class performance, security primitives and efficiency savings.

Laravel Eloquent roles and abilities.

Open-source security automation platform for teams and AI agents

Privacy and Security focused Segment-alternative, in Golang and React

Distributed private networking

一款适用于以HW行动/红队/渗透测试团队为场景的移动端(Android、iOS、WEB、H5、静态网站)信息收集扫描工具，可以帮助渗透测试工程师、攻击队成员、红队成员快速...

Atomic and non-atomic counters and rate limiting tools. Limit resource access at any scale.

UNIX-like reverse engineering framework and command-line toolset.

Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能

Rapidly Search and Hunt through Windows Forensic Artefacts

🎯 Command Injection Payload List

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

⚔️Windows11 Penetration Suite Toolkit 🔰 The First Windows Penetration Testing Environment on Mac M Chips

List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software.

A full-stack AI Red Teaming platform securing AI ecosystems via OpenClaw Security Scan, Agent Scan, Skills Scan, MCP scan, AI Infra scan and LLM jailb...

Reusable, vendor-neutral, industry-specific, vendor-specific solution architecture patterns for enterprise

Practical Ethical Hacking Labs 🗡🛡

EMBA - The firmware security analyzer

TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLP https://textattack.readthedocs.io/en/master...

A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

一个基于✨HOOK机制的微信机器人，支持🌱安全新闻定时推送【FreeBuf，先知，安全客，奇安信攻防社区】，👯Kfc文案，⚡漏洞查询，⚡手机号归属地查询，⚡知识库查...

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

OpenSK is an open-source implementation for security keys written in Rust that supports both FIDO U2F and FIDO2 standards.

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, fore...

An ArchLinux based distribution for penetration testers and security researchers.