A tool for exploring each layer in a docker image

Go implementation of the Ethereum protocol

Find, verify, and analyze leaked credentials

Reconnaissance tool for GitHub organizations

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

Scan for misconfigured S3 buckets across S3-compatible APIs!

Project Wycheproof tests crypto libraries against known attacks.

A tool to abuse Exchange services

A transparent and secure way to look up public keys.

A utility to safely generate malicious network traffic patterns and evaluate controls.

THIS IS A READ-ONLY historic repository. Current development is at https://gerrit.hyperledger.org/r/#/admin/projects/fabric . pull requests not accepted

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

ToRat is a Remote Administation tool written in Go using Tor as a transport mechanism and RPC for communication

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

To install, see "Releases" tab. Self-contained daemon for reading local files and emitting remote syslog (without using local syslogd).

Scans Software Bill of Materials (SBOMs) for security vulnerabilities

A command-line scanner for batch detection of Next.js application versions and determining if they are affected by CVE-2025-66478 vulnerability.

Golang IPv6 address enumeration

PasteBomb C2-less RAT

Factom Servers begin by providing proof of existence services, but then move on to provide proof of existence of transforms. A list of such entries can be thought of as a FactomChain. A FactomChain…

Create and host contactless payment cards using bitcoin over the lightning network

PoC exploit code for CVE-2021-26855

A tool to abuse Exchange services