Detects CanaryTokens in Office docs and PDFs (docx, xlsx, pptx, pdf) without triggering alerts

Read-only developer endpoint scanner for on-disk package, extension, and developer-tool metadata, built to check exposure to known software supply-chain compromises.

A Triage Agent for reducing junior analyst manual activiites

A tshark MCP server for packet capture and analysis

Digital Forensic Analysis and Incident Response Playbooks to handle real world security incidents

Comprehensive incident response playbooks and procedures for handling various cybersecurity incidents. This project provides step-by-step guidance for incident detection, containment, eradication, …

Repository containing the source code for the workshop "Unveiling the Obscurity: Intercepting Agent-Server Communications"

A complete security skill suite for OpenClaw, Hermes, PicoClaw and NanoClaw agents (and variants). Protect your SOUL.md (etc') with drift detection, live security recommendations, automated audits,…

Public repo of papers and publications

TokenSmith generates Entra ID access & refresh tokens on offensive engagements. It is suitable for both covert adversary simulations and penetration tests with the tokens generated working out of t…

Crack password hashes without the fuss 🐈

A collection of FREE cyber security books

A comprehensive, step-by-step guide to mastering cybersecurity from beginner to expert level with curated resources, tools, and career guidance

A stealthy reverse shell built with native PowerShell and Server-Sent Events (SSE). No polling. No sockets. Just pure HTTP and real-time command execution over text/event-stream.

A modular Active Directory lab builder for hands-on penetration testing and security research in isolated environments.

A collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.

Azure JWT Token Manipulation Toolset

PurpleLab is an efficient and readily deployable lab solution, providing a swift setup for cybersecurity professionals to test detection rules and undertake various security tasks, all accessible …

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Please no pull requests for this repository. Thanks!

MBC content in markdown

The FLARE team's open-source tool to identify capabilities in executable files.

Content and collateral for the Microsoft Sentinel SOC 101 series

🤖 The Modern Port Scanner 🤖

Papers from the computer science community to read and discuss.

A curated list of awesome Go frameworks, libraries and software

A simple screen parsing tool towards pure vision based GUI agent

Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

The trust-minimized, zero-knowledge bridging protocol, designed for censorship resistance, extremely high security, and usage in decentralized finance.

A curated and opinionated list of resources for Chief Technology Officers, with the emphasis on startups