This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security,…

Security Analytics enables users for detecting security threats on their security event log data. It will also allow them to modify/tailor the pre-packaged solution.

🐍 A toolkit for testing, tweaking and cracking JSON Web Tokens

Spring4Shell POC

AWS Lambda function to ingest application logs from S3 Buckets into ElasticSearch for indexing

Covenant is a collaborative .NET C2 framework for red teamers.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

CyberSec Blog

Pyro 5 - Python remote objects

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

A TCP/UDP based network daemon fuzzer

Light weight cross-platform test automation

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Official repository for the Microsoft C/C++ extension for VS Code.

The ZAP by Checkmarx Core project

Visual Studio Code

A repository for learning various heap exploitation techniques.

Automatically exported from code.google.com/p/unix-privesc-check

Linux privilege escalation auditing tool

Repository of yara rules

The pattern matching swiss knife

Source graveyard and random candy for radare2

UNIX-like reverse engineering framework and command-line toolset

Extra goodies for GEF to (try to) make GDB suck even less

GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux