Trending repositories for topic security
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A collection of various awesome lists for hackers, pentesters and security researchers
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents
Open-source RAG Framework for building GenAI Second Brains 🧠 Build productivity assistant (RAG) ⚡️🤖 Chat with your docs (PDF, CSV, ...) & apps using Langchain, GPT 3.5 / 4 turbo, Private, Anthropi...
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. RedFlag's flexible configuration makes it valua...
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. RedFlag's flexible configuration makes it valua...
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC)
CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions, and check if disallowed providers aren't used
Ensure your password safety by scanning in real data breaches.
Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
An open-source security log auditing & RDP, VNC, SSH bastion platform, online demo: https://door.casvisor.com
xAST评价体系,让安全工具不再“黑盒”. The xAST evaluation benchmark makes security tools no longer a "black box".
An auto-updating list of shodan dorks with info on the amount of results they return!
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).
KloudDB Shield is a security tool that checks for CIS compliance - Postgres, MySQL and RDS
Script for Digispark Attiny85, ATMEGA32U4 to steal passwords, cookies and send to your mail
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A collection of various awesome lists for hackers, pentesters and security researchers
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Open-source RAG Framework for building GenAI Second Brains 🧠 Build productivity assistant (RAG) ⚡️🤖 Chat with your docs (PDF, CSV, ...) & apps using Langchain, GPT 3.5 / 4 turbo, Private, Anthropi...
A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. RedFlag's flexible configuration makes it valua...
CLI to prevent malicious Terraform Providers from being executed. You can define the allow list of Terraform Providers and their versions, and check if disallowed providers aren't used
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
A dos (denial of service) attack for local networks using dead router attack (IPv6) and ARP attack (IPv4) simultaneously
KloudDB Shield is a security tool that checks for CIS compliance - Postgres, MySQL and RDS
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
Exynos Modem / Shannon baseband firmware loader for IDA Pro 8.x
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and add reviewers. RedFlag's flexible configuration makes it valua...
Open-source tool to build your Windows 10/11 script from scratch. It includes debloat, privacy, performance & app installing scripts.
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.
A collection of various awesome lists for hackers, pentesters and security researchers
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Open-source RAG Framework for building GenAI Second Brains 🧠 Build productivity assistant (RAG) ⚡️🤖 Chat with your docs (PDF, CSV, ...) & apps using Langchain, GPT 3.5 / 4 turbo, Private, Anthropi...
Fast and customizable vulnerability scanner based on simple YAML based DSL.
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
A very small, very simple, yet very secure encryption tool.
AdySec CF拉平镜像站 | 官方源可信度和稳定性最高,但国内访问速度较慢,通过众生平等Cloudflare,利用全球的边缘节点,将用户请求转发到离用户距离最近的节点,同时缓存静态内容加速,减少网络延迟和下载速度,使用Cloudflare Workers配置反代实现
Nuclei POC,每日更新 | 自动整合全网Nuclei的漏洞POC,实时同步更新最新POC,保存已被删除的POC。通过批量克隆Github项目,获取Nuclei POC,并将POC按类别分类存放,使用Github Action实现(已有11wPOC)
ARL 资产侦察灯塔系统(可运行,添加指纹,提高并发,升级工具及系统,无限制修改版) | ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
Ensure your password safety by scanning in real data breaches.
Community curated list of nuclei templates for finding "unknown" security vulnerabilities.
Exynos Modem / Shannon baseband firmware loader for IDA Pro 8.x
This repository contains various attack against Large Language Models.
KloudDB Shield is a security tool that checks for CIS compliance - Postgres, MySQL and RDS
Powerpipe: Dashboards for DevOps. Visualize cloud configurations. Assess security posture against a massive library of benchmarks. Build custom dashboards with code.
A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz)
Roadmap for Web Application Penetration Testing | FREE Resources (Not Pirated)
Arcjet JS SDKs. Rate limiting, bot protection, email verification & attack defense for Node.js, Next.js, Bun & SvelteKit.
📡 SPR: Open Source, secure, user friendly and fast wifi routers for your home. One wifi password per device. Ad Blocking & Privacy Blocklists. Policy Based Network Access
OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
The ultimate, most advanced, security, DeFi, assembly, web3 auditor course ever created.
🔒 Enterprise-grade API gateway that helps you monitor and impose cost or rate limits per API key. Get fine-grained access control and monitoring per user, application, or environment. Supports OpenAI...
The repo contains a series of challenges for learning Frida for Android Exploitation.
Logging Made Easy (LME) is a no-cost and open logging and protective monitoring solution serving all organizations.
A curation of awesome tools, documents and projects about LLM Security.
ARL官方仓库备份项目:ARL(Asset Reconnaissance Lighthouse)资产侦察灯塔系统旨在快速侦察与目标关联的互联网资产,构建基础资产信息库。 协助甲方安全团队或者渗透测试人员有效侦察和检索资产,发现存在的薄弱点和攻击面。
A framework to evaluate the generalization capability of safety alignment for LLMs
MasterParser is a powerful DFIR tool designed for analyzing and parsing Linux logs
A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
Open-source RAG Framework for building GenAI Second Brains 🧠 Build productivity assistant (RAG) ⚡️🤖 Chat with your docs (PDF, CSV, ...) & apps using Langchain, GPT 3.5 / 4 turbo, Private, Anthropi...
A collection of various awesome lists for hackers, pentesters and security researchers
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
A web security gateway, serve as a reverse proxy to protect your websites from attacks and exploits.
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents
♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI
🚀 An open and lightweight modification to Windows, designed to optimize performance, privacy and usability.
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
Fast and customizable vulnerability scanner based on simple YAML based DSL.
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.
The ultimate, most advanced, security, DeFi, assembly, web3 auditor course ever created.
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
Privacy-first, end-to-end encrypted Mail, Pages, Drive, and Calendar.
Browser Protector against various stealers, written in C# & C/C++.
A reading list for large models safety, security, and privacy (including Awesome LLM Security, Safety, etc.).
Simple Windows and Linux keystroke injection tool that exfiltrates stored WiFi data (SSID and password).
A compact, versatile, and misuse-resistant library for end-to-end-encryption
Welcome to the Bug Hunter's Wordlists repository! 🐛🔍 This repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiast...
🔓A curated list of modern Android exploitation conference talks.