Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

BINSEC binary-level open-source platform

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

Open source templates you can use to bootstrap your security programs

This repo contains the code for my secure code review challenges

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

A free + OSS logo generator powered by Flux on Together AI

HTTP redirection service designed to help bypass SSRF filters. Integrated with Burp Suite.

Dive Deep into Your Code - A lightweight and powerful static analysis tool to uncover vulnerabilities, strengthen security, and ensure quality in your Java and JSP projects. Let your code tell its …

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

Janus-Series: Unified Multimodal Understanding and Generation Models

🔎 Static code analysis engine to find security issues in code.

Jan is an open source alternative to ChatGPT that runs 100% offline on your computer

CloudMapper helps you analyze your Amazon Web Services (AWS) environments.

A comprehensive collection of cheatsheets for reverse engineering, binary analysis, and assembly programming tools. This repository serves as a one-stop reference for security researchers, reverse …

CTF challenge (mostly pwn) files, scripts etc

SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across …

A website banner you can load to show solidarity with Palestine

Tracking RISC-V Actions on Education, Training, Courses, Monitorships, etc.

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

PEDA - Python Exploit Development Assistance for GDB

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

Practical course: Advanced Systems Programming in C/Rust -- WiSe 2023

Web Application Penetration Testing

List of fuzzing resources for learning Fuzzing and initial phases of Exploit Development like root cause analysis

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.