Community guide to using YubiKey for GnuPG and SSH - protect secrets with hardware crypto.

Automagically reverse-engineer REST APIs via capturing traffic

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Gather and update all available and newest CVEs with their PoC.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Automate the creation of a lab environment complete with security tooling and logging best practices

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

ChatGPT Jailbreaks, GPT Assistants Prompt Leaks, GPTs Prompt Injection, LLM Prompt Security, Super Prompts, Prompt Hack, Prompt Security, Ai Prompt Engineering, Adversarial Machine Learning.

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

So what is this all about? Yep, its an OSINT blog and a collection of OSINT resources and tools. Suggestions for new OSINT resources is always welcomed.

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

Open-source pentesting management and automation platform by Salesforce Product Security

Weaponized Browser-in-the-Middle (BitM) for Penetration Testers

This is a collection of phishing templates and a landing page to be used with goPhish

A RedTeam Toolkit

A curated list of awesome tools for Amazon EKS 🌊

An open-source self-hosted purple team management web application.

Table of AD and Azure assets and whether they belong to Tier Zero

peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.

Active Directory Firewall

A Collection of Email and Landing Page Templates for Use with Gophish