OWASP Foundation web repository

A curated list of cybersecurity tools and resources.

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

A Very Vulnerable Node.js Express.js Web Application and API. Used for testing Security tools, Application security and penetration testing. Using Swagger, Sqlite, Sequelize.

A Decentralized Operating System for ZK Applications

Phone Radar is a simple tool that allows you to scan mobile phone numbers and display the provider tied to the number, can be usefull to identify some spam call

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. …

Social networking technology created by Bluesky

Repository of configurations built while documenting the basics of NixOS, Home-Manager, and Flakes.

Open-source web platform used to create live reporting dashboards from APIs, MongoDB, Firestore, MySQL, PostgreSQL, and more 📈📊

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Kernel exploit for Xbox SystemOS using CVE-2024-30088

TypeScript implementation of the DXOS protocols, SDK, toolchain and Composer.

A MidiPipe AppleScript that enables Maschine 2 users to use a LaunchPad MK3 Mini to control patterns in Maschine

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…

A collection of open source and commercial tools that aid in red team operations.

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Dashboard for conducting Backdoors and Breaches sessions over Zoom.

A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.

A simple Google Protobuf Decoder for Burp

A monster cheatsheet on MITM attacks

A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.

A fast and comprehensive tool for organizational network scanning

Active Directory and Internal Pentest Cheatsheets

🕵️‍♂️ Offensive Google framework.