Trending repositories for topic security
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
serve as a reverse proxy to protect your web services from attacks and exploits.
A collection of various awesome lists for hackers, pentesters and security researchers
JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
openai-captcha-detection 是一个使用 OpenAI 进行验证码识别的工具。目前验证码识别准确率100%,通过调用 OpenAI 的 API,这个项目可以实现对复杂验证码图片的文本识别,帮助开发者在验证码处理场景中进行自动化操作。
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Automation to assess the state of your M365 tenant against CISA's baselines
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
一个基于✨HOOK机制的微信机器人,支持🌱安全新闻定时推送【FreeBuf,先知,安全客,奇安信攻防社区】,👯Kfc文案,⚡备案查询,⚡手机号归属地查询,⚡WHOIS信息查询,🎉星座查询,⚡天气查询,🌱摸鱼日历,⚡微步威胁情报查询, 🐛美女视频,⚡美女图片,👯帮助菜单。📫 支持积分功能,⚡支持自动拉人,⚡检测广告,🌱自动群发,👯Ai回复,😄自定义程度丰富,小白也可轻松上手!
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents
openai-captcha-detection 是一个使用 OpenAI 进行验证码识别的工具。目前验证码识别准确率100%,通过调用 OpenAI 的 API,这个项目可以实现对复杂验证码图片的文本识别,帮助开发者在验证码处理场景中进行自动化操作。
JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
portchecker.io is a free online utility to check the port status of a given hostname or IP address.
Hide and safeguard emails from bots. Obfuscate emails in PHP and Laravel.
CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.
A multi-vault secret injection tool for safely injecting secrets into app environment
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
A multifaceted security tool which leverages Public GitHub REST APIs for OSINT, Forensics, Pentesting and more.
Awesome-Jailbreak-on-LLMs is a collection of state-of-the-art, novel, exciting jailbreak methods on LLMs. It contains papers, codes, datasets, evaluations, and analyses.
Blocklist for newly created scam and phishing domains automatically retrieved daily using Google Search API, automated detection, and other public sources.
NamespaceHound is the tool for detecting the risk of potential namespace crossing violations in multi-tenant clusters.
Next-gen React Native library for Bcrypt hashing, using pure C++ with Turbo Modules and multithreading for superior performance
This is an open-source sample of a CDK script which deploys an Elastic Beanstalk application with a hardened security configuration, it accompanies this blogpost: https://aws.amazon.com/blogs/security...
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A collection of various awesome lists for hackers, pentesters and security researchers
serve as a reverse proxy to protect your web services from attacks and exploits.
JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
一个基于✨HOOK机制的微信机器人,支持🌱安全新闻定时推送【FreeBuf,先知,安全客,奇安信攻防社区】,👯Kfc文案,⚡备案查询,⚡手机号归属地查询,⚡WHOIS信息查询,🎉星座查询,⚡天气查询,🌱摸鱼日历,⚡微步威胁情报查询, 🐛美女视频,⚡美女图片,👯帮助菜单。📫 支持积分功能,⚡支持自动拉人,⚡检测广告,🌱自动群发,👯Ai回复,😄自定义程度丰富,小白也可轻松上手!
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
A tool which is uses to remove Windows Defender in Windows 8.x, Windows 10 (every version) and Windows 11.
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Cerbos is the open core, language-agnostic, scalable authorization solution that makes user permissions and authorization simple to implement and manage by writing context-aware access control policie...
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Hide and safeguard emails from bots. Obfuscate emails in PHP and Laravel.
CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.
JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
portchecker.io is a free online utility to check the port status of a given hostname or IP address.
A comprehensive systems programming toolkit implementing low-level concepts in C, from memory management to OS internals. Features practical implementations of computer architecture concepts with a fo...
A multi-vault secret injection tool for safely injecting secrets into app environment
A Completely Modular LLM Reverse Engineering, Red Teaming, and Vulnerability Research Framework.
Awesome-Jailbreak-on-LLMs is a collection of state-of-the-art, novel, exciting jailbreak methods on LLMs. It contains papers, codes, datasets, evaluations, and analyses.
Next-gen React Native library for Bcrypt hashing, using pure C++ with Turbo Modules and multithreading for superior performance
A curated list of awesome resources about the security of space systems.
openai-captcha-detection 是一个使用 OpenAI 进行验证码识别的工具。目前验证码识别准确率100%,通过调用 OpenAI 的 API,这个项目可以实现对复杂验证码图片的文本识别,帮助开发者在验证码处理场景中进行自动化操作。
Secure your Next.js applications with @shipsecure/eslint-plugin-next, an ESLint plugin designed to detect and prevent common security vulnerabilities.
CLI tool to scan URLs for suspicious keywords, extensions, paths, and hidden files.
Gixposed is a powerful command-line tool designed to search the commit history of Git repositories for sensitive information, such as API keys and access tokens. Its purpose is to help developers and ...
A Completely Modular LLM Reverse Engineering, Red Teaming, and Vulnerability Research Framework.
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A collection of various awesome lists for hackers, pentesters and security researchers
serve as a reverse proxy to protect your web services from attacks and exploits.
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
Firefox user.js for speed, privacy, and security. Your favorite browser, but better.
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
JavaSecLab是一款综合型Java漏洞平台,提供相关漏洞缺陷代码、修复代码、漏洞场景、审计SINK点、安全编码规范,覆盖多种漏洞场景,友好用户交互UI……
Copy links from the sharing menu with automatic removal of shorteners and trackers
A multi-vault secret injection tool for safely injecting secrets into app environment
This repository contains CoinFabrik's ongoing research and development to extend CodeQL support to the Solidity smart contract language. By leveraging the foundational work done by the CodeQL team for...
portchecker.io is a free online utility to check the port status of a given hostname or IP address.
AuditForge is a pentest reporting application making it simple and easy to write your findings and generate a customizable report.
Awesome-Jailbreak-on-LLMs is a collection of state-of-the-art, novel, exciting jailbreak methods on LLMs. It contains papers, codes, datasets, evaluations, and analyses.
Terraform templates for CI/CD to Cloud federation and Cloud2Cloud IAM federations
Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.
Auth Inbox 📬 is a self-hosted, open-source platform for receiving multiple email verification codes and real-time notifications, built using Cloudflare's free services. | Auth Inbox 📬 是一个自建的开源多邮箱验证码...
The open source Tines / Splunk SOAR alternative for security engineers.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
PostgreSQL database anonymization and synthetic data generation tool
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).
The repo contains a series of challenges for learning Frida for Android Exploitation.
The successor to xp-AntiSpy, designed for the modern Windows experience
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC,已校验有效性并去重)
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
ARL 资产侦察灯塔系统(可运行,添加指纹,提高并发,升级工具及系统,无限制修改版) | ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Make your GenAI Apps Safe & Secure :rocket: Test & harden your system prompt
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A collection of various awesome lists for hackers, pentesters and security researchers
Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore:...
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
serve as a reverse proxy to protect your web services from attacks and exploits.
AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the int...
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
The open source Tines / Splunk SOAR alternative for security engineers.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
Papers and resources related to the security and privacy of LLMs 🤖
A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).
The successor to xp-AntiSpy, designed for the modern Windows experience
A jailbreak tool for all arm64 devices on iOS 16.0 to iOS 16.6.1
A very small, very simple, yet very secure encryption tool.
Privacy-first, end-to-end encrypted Mail, Pages, Drive, and Calendar.
BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research...
Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.
Hoop.dev is an open-source access gateway that provides secure, seamless, and audited access to databases and infrastructure without exposing credentials or sensitive data.
Copy links from the sharing menu with automatic removal of shorteners and trackers
A compact, versatile, and misuse-resistant library for end-to-end-encryption