Trending repositories for topic cybersecurity

serve as a reverse proxy to protect your web services from attacks and exploits.

Hunt down social media accounts by username across social networks

Maltego Transforms for working with Telegram

Automation to assess the state of your M365 tenant against CISA's baselines

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

Open Cyber Threat Intelligence Platform

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, cov...

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

The ESP32-BlueJammer (Bluetooth jammer, BLE jammer, WiFi jammer, RC jammer) disrupts various devices using an ESP32 and nRF24 modules, causing plenty of noise and sending unnecessary packets (DoS). It...

🛡️ Open-source and next-generation Web Application Firewall (WAF)

Attack Surface Management Platform

A multi-vault secret injection tool for safely injecting secrets into app environment

Tools and Techniques for Red Team / Penetration Testing

Maltego Transforms for working with Telegram

CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.

A multi-vault secret injection tool for safely injecting secrets into app environment

TeamServer and Client of Exploration Command and Control Framework

AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.

Project Mantis: Hacking Back the AI-Hacker; Prompt Injection as a Defense Against LLM-driven Cyberattacks

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

A collection of Open-Source Intelligence resources.

LotL RMM

Automation to assess the state of your M365 tenant against CISA's baselines

The ESP32-BlueJammer (Bluetooth jammer, BLE jammer, WiFi jammer, RC jammer) disrupts various devices using an ESP32 and nRF24 modules, causing plenty of noise and sending unnecessary packets (DoS). It...

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

A curated list of annual cyber security reports

Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.

I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...

RedTiger-Tools is a free multi-tool with many features in the areas of Cybersecurity, Pentesting, OSINT, Network Scanning, Discord and Hacking.

termux4all is not a project or something. This is some packages that can be used for the development and security purposes on android phone using the termux app itself. The main purpose of this proje...

Cybersecurity Knowledge Base

serve as a reverse proxy to protect your web services from attacks and exploits.

Hunt down social media accounts by username across social networks

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Maltego Transforms for working with Telegram

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Automation to assess the state of your M365 tenant against CISA's baselines

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, cov...

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.

Open Cyber Threat Intelligence Platform

[NeurIPS 2024] SWE-agent takes a GitHub issue and tries to automatically fix it, using GPT-4, or your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges...

互联网资产综合扫描/攻击面测绘

CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.

🛡️ Open-source and next-generation Web Application Firewall (WAF)

TeamServer and Client of Exploration Command and Control Framework

Maltego Transforms for working with Telegram

CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

TeamServer and Client of Exploration Command and Control Framework

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.

Project Mantis: Hacking Back the AI-Hacker; Prompt Injection as a Defense Against LLM-driven Cyberattacks

A collection of Open-Source Intelligence resources.

A multi-vault secret injection tool for safely injecting secrets into app environment

互联网资产综合扫描/攻击面测绘

SwitchToOpen - The open source shift

The DNA test for websites

I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...

📸 an Instagram tracking script that logs any changes to an Instagram account (followers, following, posts, and bio) written in Python.

LotL RMM

Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.

ATT&CK Evaluations Library

A Windows CIS benchmark policy compliance auditor

A curated list of annual cyber security reports

Fully functional, from-scratch alternative to the Cobalt Strike Beacon (red teaming tool), offering transparency and flexibility for security professionals and enthusiasts.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

Maltego Transforms for working with Telegram

Project Mantis: Hacking Back the AI-Hacker; Prompt Injection as a Defense Against LLM-driven Cyberattacks

CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.

OpenAI o1 advanced reasoning powered vulnerable web page generator for testing and educational purposes

A tool for generating detailed, locally-processed reports from iOS backups, supporting encrypted and unencrypted data.

CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.

Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and ...

Hunt down social media accounts by username across social networks

serve as a reverse proxy to protect your web services from attacks and exploits.

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, cov...

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

🛡️ Open-source and next-generation Web Application Firewall (WAF)

[NeurIPS 2024] SWE-agent takes a GitHub issue and tries to automatically fix it, using GPT-4, or your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges...

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

The ESP32-BlueJammer (Bluetooth jammer, BLE jammer, WiFi jammer, RC jammer) disrupts various devices using an ESP32 and nRF24 modules, causing plenty of noise and sending unnecessary packets (DoS). It...

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

Automation to assess the state of your M365 tenant against CISA's baselines

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Open Breach and Attack Simulation Platform

Open Cyber Threat Intelligence Platform

Cybersecurity oriented awesome list

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

A multi-vault secret injection tool for safely injecting secrets into app environment

A collection of Open-Source Intelligence resources.

Project Mantis: Hacking Back the AI-Hacker; Prompt Injection as a Defense Against LLM-driven Cyberattacks

A Malware Scarecrow for Windows 10/11 with a user-friendly touch.

A tool for generating detailed, locally-processed reports from iOS backups, supporting encrypted and unencrypted data.

SwitchToOpen - The open source shift

AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.

𝗖𝗼𝗺𝗽𝗹𝗲𝘁𝗲 𝗕𝘂𝗴 𝗕𝗼𝘂𝗻𝘁𝘆 𝗥𝗼𝗮𝗱𝗺𝗮𝗽 🎯

TeamServer and Client of Exploration Command and Control Framework

📸 an Instagram tracking script that logs any changes to an Instagram account (followers, following, posts, and bio) written in Python.

LotL RMM

互联网资产综合扫描/攻击面测绘

Git Exposed leverages the unintended exposure of .git directories to clone and reconstruct complete projects, providing a clear window into potential vulnerabilities.

Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.

All of my personal notes on topics including Hacking, Coding, Math, Data-Structures, and more! Open to all for use!

The Red-book: The Art of Offensive CyberSecurity

The ESP32-BlueJammer (Bluetooth jammer, BLE jammer, WiFi jammer, RC jammer) disrupts various devices using an ESP32 and nRF24 modules, causing plenty of noise and sending unnecessary packets (DoS). It...

The DNA test for websites

I developed a rigorous cybersecurity project portfolio on mock clients covering NIST, audits, Linux, SQL, assets, threats, vulnerabilities, detection, incident response, escalation, Wireshark, tcpdump...

[NeurIPS 2024] SWE-agent takes a GitHub issue and tries to automatically fix it, using GPT-4, or your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges...

The open source Tines / Splunk SOAR alternative for security engineers.

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

A resource containing all the tools each ransomware gangs uses

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

A detailed plan to achieve proficiency in hacking and penetration testing, with pathways including obtaining a degree in cybersecurity or earning relevant certifications.

The ESP32-BlueJammer (Bluetooth jammer, BLE jammer, WiFi jammer, RC jammer) disrupts various devices using an ESP32 and nRF24 modules, causing plenty of noise and sending unnecessary packets (DoS). It...

Emora is an OSINT tool like sherlock but with a GUI, which search for accounts by username across social networks

LC（List Cloud）是一个多云攻击面资产梳理工具

RedTiger-Tools is a free multi-tool with many features in the areas of Cybersecurity, Pentesting, OSINT, Network Scanning, Discord and Hacking.

Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.

Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).

Microsoft Security Copilot is a generative AI-powered security solution that helps increase the efficiency and capabilities of defenders to improve security outcomes at machine speed and scale, while ...

Every practical and proposed defense against prompt injection.

旨在以攻促防，针对Docker TCP socket的开源利用工具

An OSINT / digital forensics tool built in Python

🤖 Admyral enables continuous control monitoring for any custom control

内网渗透过程中搜寻指定文件内容，从而找到突破口的一个小工具

🎃 PumpBin is an Implant Generation Platform.

互联网资产综合扫描/攻击面测绘

Hunt down social media accounts by username across social networks

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

[NeurIPS 2024] SWE-agent takes a GitHub issue and tries to automatically fix it, using GPT-4, or your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges...

serve as a reverse proxy to protect your web services from attacks and exploits.

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, cov...

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artif...

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

🛡️ Open-source and next-generation Web Application Firewall (WAF)

A curated list of GPT agents for cybersecurity

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

The open source Tines / Splunk SOAR alternative for security engineers.

Open Cyber Threat Intelligence Platform

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit/64-bit ARM and embedded RISC-V architectures.

Tools and Techniques for Red Team / Penetration Testing

httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.

A collection of several hundred online tools for OSINT

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

The open source Tines / Splunk SOAR alternative for security engineers.

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.

Emora is an OSINT tool like sherlock but with a GUI, which search for accounts by username across social networks

Pull Request-like Review/Approval flow for database queries. For compliant but smooth Engineering access to production.

skytrack is a planespotting and aircraft OSINT tool made using Python 🛩🔍

CISO Assistant is a one-stop-shop for GRC, covering Risk, AppSec and Audit Management and supporting +70 frameworks worldwide with auto-mapping: NIST CSF, ISO 27001, SOC2, CIS, PCI DSS, NIS2, CMMC, PS...

Deploy stealthy reverse shells using advanced process hollowing with GhostStrike – a C++ tool for ethical hacking and Red Team operations.

互联网资产综合扫描/攻击面测绘

Gram is Klarna's own threat model diagramming tool

Fully automated host & network intrusion detection platform. Detects malware from behavioural patterns rather than signatures and enables deeper visibility than legacy tools.

Generate wordlists from Github repositories

Every practical and proposed defense against prompt injection.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse eng...

PacketSpy

Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.

SCuBA Secure Configuration Baselines and assessment tool for Google Workspace

Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.

Taranis AI is an advanced Open-Source Intelligence (OSINT) tool, leveraging Artificial Intelligence to revolutionize information gathering and situational analysis.

The perfect butler for pentesters, bug-bounty hunters and security researchers

🚀 Python Learning Roadmap in 30 Days With Projects