Trending repositories for topic infosec
Hunt down social media accounts by username across social networks
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
🔥 Web-application firewalls (WAFs) from security standpoint.
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
A collection of awesome security hardening guides, tools and other resources
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform f...
An auto-updating list of shodan dorks with info on the amount of results they return!
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.
Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
Find exposed API keys based on RegEx and get exploitation methods for some of keys that are found
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
Public Repository of Open Source Tools for Cyber Threat Intelligence Analysts and Researchers
Hunt down social media accounts by username across social networks
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
🔥 Web-application firewalls (WAFs) from security standpoint.
A list of interesting payloads, tips and tricks for bug bounty hunters.
A collection of awesome security hardening guides, tools and other resources
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
📸 an Instagram tracking script that logs any changes to an Instagram account (followers, following, posts, and bio) written in Python.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform f...
Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.
Unprotect is a collaborative platform dedicated to uncovering and documenting malware evasion techniques. We invite you to join us in this exciting journey and add your expertise to our collective eff...
List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
An auto-updating list of shodan dorks with info on the amount of results they return!
[WIP] A forked version of LLVM-18 that prioritizes MSVC compatibility. This version is tailored for Windows users.
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3. May be updated periodically.
Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
CLI tool for fetching URLs from Wayback Machine, Common Crawl, and VirusTotal.
Hunt down social media accounts by username across social networks
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
A list of interesting payloads, tips and tricks for bug bounty hunters.
🔥 Web-application firewalls (WAFs) from security standpoint.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
📸 an Instagram tracking script that logs any changes to an Instagram account (followers, following, posts, and bio) written in Python.
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
Stratosphere Cyber Range to learn cybersecurity attacking and defending techniques locally in your computer
Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform f...
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
A curated list of wordlists for discovery, enumeration, fuzzing, and exploitation.
A personal list of various resources for those who are interested in learning about infosec and hacking and keeping themselves up to date. This is by no means a complete nor fresh list, but I occasion...
Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.
A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...
A collection of agents that use Large Language Models (LLMs) to perform tasks common on our day to day jobs in cyber security.
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
An auto-updating list of shodan dorks with info on the amount of results they return!
Coeus 🌐 is an OSINT ToolBox empowering users with tools for effective intelligence gathering from open sources. From social media monitoring 📱 to data analysis 📊, it offers a centralized platform f...
📸 an Instagram tracking script that logs any changes to an Instagram account (followers, following, posts, and bio) written in Python.
Stratosphere Cyber Range to learn cybersecurity attacking and defending techniques locally in your computer
A collection of agents that use Large Language Models (LLMs) to perform tasks common on our day to day jobs in cyber security.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
Virus.xcheck is a Python tool designed to bulk verify the existence of file hashes in the Virus Exchange database and fetch download URLs for malware analysis.
NidhoggScript is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
A tool that allows you to document and assess any security automation in your SOC
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
The project serves as a strategic advisory tool, capitalizing on the ZySec series of AI models to amplify the capabilities of security professionals in cyber defense and intelligence.
Hunt down social media accounts by username across social networks
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous mon...
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
🕵️ OSINT Tools for gathering information and actions forensics 🕵️
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
A collection of awesome security hardening guides, tools and other resources
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
🔥 Web-application firewalls (WAFs) from security standpoint.
This Python application is an OSINT (Open Source Intelligence) tool called "Ominis OSINT - Web Hunter." It performs online information gathering by querying Google for search results related to a user...
A good selection of Privacy & Infosec tools that will help you understand more about how to protect your online privacy and security.
Pentesting and Bug Bounty Notes, Cheetsheets and Guide for Ethical Hacker, Whitehat Pentesters and CTF Players.
Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery.
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
List of CyberSecurity Resources and some different Sub-Domains of CyberSecurity
Modern web-based distributed hashcracking solution, built on hashcat
A tool that allows you to document and assess any security automation in your SOC
A curated list of wordlists for discovery, enumeration, fuzzing, and exploitation.
Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
PoC showcasing new DarkGate Install Script retrieval technique via DNS TXT Record
Study materials for the Certified Red Team Expert (CRTE) exam, covering essential concepts in red teaming and penetration testing.
