A powerful and user-friendly binary analysis platform!

Multi-Cloud Security Auditing Tool

Easily migrate your codebase from one framework or language to another.

Everything about Web Application Firewalls (WAFs) from Security Standpoint! 🔥

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

A True Instrumentable Binary Emulation Framework

The FLARE team's open-source tool to identify capabilities in executable files.

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

A collection of useful CloudFormation templates

Google CTF

Windows Exploit Suggester - Next Generation

This tool lets you search your gadgets on your binaries to facilitate your ROP exploitation. ROPgadget supports ELF, PE and Mach-O format on x86, x64, ARM, ARM64, PowerPC, SPARC, MIPS, RISC-V 64, a…

Veil 3.1.X (Check version info in Veil at runtime)

Diaphora, the most advanced Free and Open Source program diffing tool.

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique present…

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Hidden Markov Models in Python, with scikit-learn like API

A high performance offensive security tool for reconnaissance and vulnerability scanning

The successor to reDuh, pwn a bastion webserver and create SOCKS proxies through the DMZ. Pivot and pwn.

The Python Cryptography Toolkit

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

Display information about files in different file formats and find gadgets to build rop chains for different architectures (x86/x86_64, ARM/ARM64, MIPS, PowerPC, SPARC64). For disassembly ropper us…

FakeNet-NG - Next Generation Dynamic Network Analysis Tool

Chaos Engineering Toolkit & Orchestration for Developers

A curated list of resources related to Industrial Control System (ICS) security.

Sniffs sensitive data from interface or pcap

A tool for automating cracking methodologies through Hashcat from the TrustedSec team.