Stars
The open-source ElevenLabs alternative for local voice cloning, design, create, dubbing and dictation Desktop App
This directory focuses exclusively on Threat Modeling Tools—software, code, libraries, or services that automate, guide, or support the design-time threat modeling process.
Agentic prompts are the most important code you're not engineering. PromptKit fixes that — composable, version-controlled prompt components (personas, protocols, formats, templates) that snap toget…
A coverage-guided REST API fuzzer developed on top of LibAFL
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
CVSS calculator and tooling public resources
Advisories, guidance, best practice documents and more issued by members of the EU CSIRTs network, a network composed of EU Member States’ appointed CSIRTs and CERT-EU.
Extract URLs, paths, secrets, and other interesting bits from JavaScript
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatab…
Extracts and formats text annotations from a PDF file
NextJS-based single-page application for completing and reviewing SAMM assessments
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
A vulnerability scanner for container images and filesystems
Streamline vulnerability patching with CVSS, EPSS, and CISA's Known Exploited Vulnerabilities. Prioritize actions based on real-time threat information, gain a competitive advantage, and stay infor…
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
OpenSSF Scorecard - Security health metrics for Open Source
Learn about insecure deserialization attacks
Play Onitama in your browser, compete with friends or lose to a bot
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
A fancy self-hosted monitoring tool
📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
🌙🦊 Dalfox is a powerful open-source XSS scanner and utility focused on automation.
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.