Your gateway to OWASP. Discover, engage, and help shape the future!

Rust tool to detect cell site simulators on an orbic mobile hotspot

Wifi Pineapple Mk7 Evilportals

OWASP Foundation web repository

A curated list of cybersecurity tools and resources.

Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.

A Very Vulnerable Node.js Express.js Web Application and API. Used for testing Security tools, Application security and penetration testing. Using Swagger, Sqlite, Sequelize.

Phone Radar is a simple tool that allows you to scan mobile phone numbers and display the provider tied to the number, can be usefull to identify some spam call

Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...

A highly customizable Changelog Generator that follows Conventional Commit specifications ⛰️

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. …

Social networking technology created by Bluesky

Repository of configurations built while documenting the basics of NixOS, Home-Manager, and Flakes.

Open-source web platform used to create live reporting dashboards from APIs, MongoDB, Firestore, MySQL, PostgreSQL, and more 📈📊

BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.

Kernel exploit for Xbox SystemOS using CVE-2024-30088

TypeScript implementation of the DXOS protocols, SDK, toolchain and Composer.

A MidiPipe AppleScript that enables Maschine 2 users to use a LaunchPad MK3 Mini to control patterns in Maschine

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

A round-trip obfuscated HTTP file transfer setup built to bypass IDS detections.

A monster cheatsheet on MITM attacks

A system administration or post-exploitation script to automatically extract the bitlocker recovery keys from a domain.

A fast and comprehensive tool for organizational network scanning

Active Directory and Internal Pentest Cheatsheets

🕵️‍♂️ Offensive Google framework.

Prevents you from committing secrets and credentials into git repositories

ASH is an extensible, open source SAST, SCA, and IaC security scanner orchestration engine.