Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

The Browser Exploitation Framework Project

Deliberately making password creation a true hell

This is the Cloudflare Worker public API for deliberately making password creation hell

AWSGoat : A Damn Vulnerable AWS Infrastructure

The official repo for Blokada apps.

proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" fo…

Leaked slides and labs

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

SocialPwned is an OSINT tool that allows to get the emails, from a target, published in social networks such as Instagram, Linkedin and Twitter to find possible credentials leaks in PwnDB or Dehash…

GUAC aggregates software security metadata into a high fidelity graph database.

OpenSSF Scorecard - Security health metrics for Open Source

🤖 The Modern Port Scanner 🤖

Unbound is a validating, recursive, and caching DNS resolver.

A next-generation crawling and spidering framework.

The Official USB Rubber Ducky Payload Repository

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Metasploit Framework

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Memory acquisition for Linux that makes sense.

Miscellaneous Tools

GitHub Data Analysis Framework.

Nikto web server scanner

OWASP Foundation Web Respository

OWASP Coimbatore's Web & Project Repository

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to invest…