Stars
The SpecterOps project management and reporting engine
Prowler is the Open Cloud Security for AWS, Azure, GCP, Kubernetes, M365 and more. As agent-less, it helps for continuous monitoring, security assessments & audits, incident response, compliance, h…
📡 PoC auto collect from GitHub.
A collaborative, multi-platform, red teaming framework
The world’s fastest framework for building websites.
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA…
A repository of curated datasets from various attacks
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
In-depth attack surface mapping and asset discovery
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Impacket is a collection of Python classes for working with network protocols.
A collection of links related to Linux kernel security and exploitation
Asynchronous parallel SSH client library.
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Extract credentials from lsass remotely
ShellCheck, a static analysis tool for shell scripts
A Golang SDK for interacting with the Okta management API, enabling server-side code to manage Okta users, groups, applications, and more.
A Python package and CLI for parsing aggregate and forensic DMARC reports
A list of useful payloads and bypass for Web Application Security and Pentest/CTF