Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Haiku drivers for Nvidia Turing+ GPUs based on official Nvidia kernel driver sources, Mesa NVK Vulkan Driver and Mesa Zink OpenGL driver

Open source research and talks on threat intelligence, fingerprinting, and fraud detection.

Hands-on secure code review training: learn to find vulnerabilities in Flask, Django, FastAPI through production-quality examples. Whitebox pentesting for modern web frameworks.

PoC and technical details of CVE-2025-24204

A scanner for the FortiNet vulnerability CVE-2025-64446

Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

Fast and Furious AMD Kernels

↕️🤫 Stealth redirector for your red team operation security

Automated YARA Rule Standardization and Quality Assurance Tool

YARA rule analyzer to improve rule quality and performance

A specification and style guide for YARA rules

blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.

Fast and accurate AI powered file content types detection

Etherscan v2 api client

A collection of files with indicators supporting social media posts from Palo Alto Network's Unit 42 team to disseminate timely threat intelligence.

signal-cli provides an unofficial commandline, JSON-RPC and dbus interface for the Signal messenger.

Passive SSL client fingerprinting using handshake analysis.

A local diffing tool for decompilation projects

Tools for working with TP-LINK VxWorks-based router firmware

SCION Internet Architecture

Public repository for SCION applications

Binary Utils for Zen Microcode

SMDA is a minimalist recursive disassembler library that is optimized for accurate Control Flow Graph (CFG) recovery from memory dumps.

Automatic YARA rule generation for Malpedia

The Tick is the next evolution in covert access control system implants for simulating adversary-in-the-middle attacks.

A simple, lightweight PowerShell script that allows you to remove pre-installed apps, disable telemetry, as well as perform various other changes to declutter and customize your Windows experience.…

Bandit is a tool designed to find common security issues in Python code.

Malware source code samples leaked online uploaded to GitHub for those who want to analyze the code.

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, …