Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.

Public research documentation, methodology, and STIX examples for TI Mindmap HUB - an AI-powered Cyber Threat Intelligence platform

Visualisation simple et modulaire d'une cartographie applicative

Collection of publicly available IPTV channels from all over the world

A Simple and Universal Swarm Intelligence Engine, Predicting Anything. 简洁通用的群体智能引擎，预测万物

Web-based IOC management platform with threat intelligence enrichment for SOC teams

Unified Vulnerability Intelligence Platform

A curated list of cybersecurity tools and resources.

Interactive tabletop exercise application for testing cybersecurity incident response plans. Based on NCSC NZ Rolls & Responders framework.

CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, BIA, Privacy, and Reporting. It supports 150+ global frameworks with automatic control mapping,…

JumpServer is an open-source Privileged Access Management (PAM) platform that provides DevOps and IT teams with on-demand and secure access to SSH, RDP, Kubernetes, Database and RemoteApp endpoints…

A massive collection of Cybersecurity papers, guides and reports.

Official collection of HackInBo® talks, slides, and event programs.

Hunting queries and detections

A fancy self-hosted monitoring tool

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Best practices for segmentation of the corporate network of any company

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to by…

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Some great resources to gather OSINT on Email Addresses & Usernames. Alternatively check the exposure of your Email & Username.

A curated list of awesome social engineering resources.

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

WAU daily updates apps as system and notify connected users. (Allowlist and Blocklist support)

AIL project training materials

The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

A collection of several hundred online tools for OSINT

Tools and Techniques for Blue Team / Incident Response