Stars
micromize is a security hardening tool designed to detect and break the post-exploit kill chain for containerized applications, leveraging BPF LSM.
Post-exploit a compromised etcd, gain persistence and remote shell to nodes.
A flexible, AI powered C2 framework built with operators in mind
A realistic exam simulator for CKAD, CKA, and CKS featuring timed sessions and hands-on labs with pre-configured clusters.
PatchEval: A New Benchmark for Evaluating LLMs on Patching Real-World Vulnerabilities
Pre-Built Vulnerable Environments Based on Docker-Compose
Benchmarking LLM agents on Cyber Threat Investigation.
Helm charts for running open source digital forensic tools in Kubernetes
The dragon in the dark. A red team post exploitation framework for testing security controls during red team assessments.
Rulezet is an open-source web platform for sharing, evaluating, improving, and managing cybersecurity detection rules (YARA, Sigma, Suricata, etc). It aims to foster collaboration among professiona…
Find relevant incidents, logs, events, and alerts to all of your incidents. [Attack Flows, Attack Chains, & Root Cause Discovery - NO LLMs, NO Queries, Just Explainable Machine Learning] >> Use it …
Behavioral Evaluation of Application Metrics (BEAM)
Real-time, container-based file scanning at enterprise scale
A security tool that detects malicious packages from external vulnerability feeds and searches for them in your package registries or artifact repositories.
ElectricEye is a multi-cloud, multi-SaaS Python CLI tool for Asset Management, Security Posture Management & Attack Surface Monitoring supporting 100s of services and evaluations to harden your CSP…
Modern image vulnerability scanning & patching platform with multi-tool integration.
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
DetectPack Forge turns plain-English behaviors or sample logs into production-ready detection packs — Sigma, KQL (Sentinel), SPL (Splunk) — plus tests and a response playbook, mapped to MITRE ATT&C…
A next-generation HTTP stealth proxy which perfectly cloaks requests as the Chrome browser across all layers of the stack.
Fingerprint-aware TLS reverse proxy. Use Finch to outsmart bad traffic—collect client fingerprints (JA3, JA4 +QUIC, JA4H, HTTP/2) and act on them: block, reroute, tarpit, or deceive in real time.
A curated list of security tools for Hackers & Builders!
Open-source AI agents for penetration testing
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…
ToolHive makes deploying MCP servers easy, secure and fun
Helping Ethical Hackers use LLMs in 50 Lines of Code or less..