A curated list of GPT agents for cybersecurity

Automation to assess the state of your M365 tenant against CISA's baselines

hakip2host takes a list of IP addresses via stdin, then does a series of checks to return associated domain names.

The useful exploit finder

random dissectors

🤗 Transformers: State-of-the-art Machine Learning for Pytorch, TensorFlow, and JAX.

Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.

PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A curated list wordlists for bruteforcing and fuzzing

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Discover nodes in cloud environments

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Awesome cloud enumerator

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

Kubernetes Operations (kOps) - Production Grade k8s Installation, Upgrades and Management

This code calculates the most similar allowed glyph to an international character, used for fraud detection on domains

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

Bugbounty Resources

Hackvertor tags i've created

CatSniffer is an original multiprotocol and multiband board for sniffing, communicating, and attacking IoT (Internet of Things) devices using the latest radio IoT protocols. It is a highly portable…

Bruteforcing from various scanner output - Automatically attempts default creds on found services.

The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, …

WeirdAAL (AWS Attack Library)

A DNS Bruteforcing Wordlist Generator

A post exploitation framework designed to operate covertly on heavily monitored environments

Writing custom backdoor payloads with C# - Defcon 27 Workshop

A list of resources for those interested in getting started in bug bounties

This challenge is Inon Shkedy's 31 days API Security Tips.