Materialize, a CSS Framework based on Material Design

Metasploit Framework

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Awesome-LLM: a curated list of Large Language Model

Find, verify, and analyze leaked credentials

cloc counts blank lines, comment lines, and physical lines of source code in many programming languages.

🍻 A CLI workflow for the administration of macOS applications distributed as binaries

The official Python SDK for Model Context Protocol servers and clients

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…

A PowerShell environment for Git

Tfsec is now part of Trivy

An implementation of the TLS/SSL protocols

Generate documentation from Terraform modules in various output formats

A plugin that allows branch analysis and pull request decoration in the Community version of Sonarqube

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Asahi Linux documentation

An open source threat modeling tool from OWASP

CLI tool to visualise CloudFormation/SAM/CDK stacks as visjs networks, draw.io or ascii-art diagrams.

Kubernetes configuration tracking controller

OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST),…

Web Application Security Scanner

free monthly courses, exam vouchers, and scholarships from various websites. Don't forget to star ⭐ this repository.

OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, an…

SecHub provides a central API to test software with different security tools.

A set of policies, standards and control procedures with mapping to HIPAA, NIST CSF, PCI DSS, SOC2, FedRAMP, CIS Controls, and more.

User-friendly documentation for the SARIF file format.

A collection of companies that disclose adversary TTPs after they have been breached

Simple and accurate guide for linux privilege escalation tactics

AWS Step Functions is an orchestration service for reliably executing multi-step processes using visual workflows. This repository includes detailed examples that will help you unlock the power of …