Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Monitor Network Traffic Per Executable, Beautifully Visualized

A community sourced list of log4j-affected software

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Database security suite. Database proxy with field-level encryption, search through encrypted data, SQL injections prevention, intrusion detection, honeypots. Supports client-side and proxy-side ("…

Clone this repo to build Frida

Bitwarden infrastructure/backend (API, database, Docker, etc).

unofficial bitwarden cli

Open Policy Agent WebAssembly NPM module (opa-wasm)

Open Policy Agent (OPA) is an open source, general-purpose policy engine.

Write tests against structured configuration data using the Open Policy Agent Rego query language

🐊 Gatekeeper - Policy Controller for Kubernetes

铜锁/Tongsuo is a Modern Cryptographic Primitives and Protocols Library

The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!

Find secrets with Gitleaks 🔑

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

Protect your SIP Servers from bad actors at https://sentrypeer.org

Firmware Analysis Tool

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Open source alternative to Auth0 / Firebase Auth / AWS Cognito

Ettercap Project

Provides AWS STS credentials based on Google Apps SAML SSO auth (what a jumble!)

Simple and flexible tool for managing secrets

Ghidra is a software reverse engineering (SRE) framework

Headless cloud-native authentication and identity management written in Go. Scales to a billion+ users. Replace Homegrown, Auth0, Okta, Firebase with better UX and DX. Passkeys, Social Sign In, OID…

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.

Netmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.

Information gathering framework for phone numbers