An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

Free cross-platform password manager compatible with KeePass

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

A list of public penetration test reports published by several consulting firms and academic security groups.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Automate the creation of a lab environment complete with security tooling and logging best practices

Open-Source Unified Vulnerability Management, DevSecOps & ASPM

Hosted Reverse Shell generator with a ton of functionality. -- (Great for CTFs)

Windows Events Attack Samples

The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

Malware samples, analysis exercises and other interesting resources.

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework.

Tracking interesting Linux (and UNIX) malware. Send PRs

Jok3r v3 BETA 2 - Network and Web Pentest Automation Framework

Utilities for MITRE™ ATT&CK

A Nmap XSL implementation with Bootstrap.

Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in gener…

A vulnerable version of Rails that follows the OWASP Top 10

Retired beginner/intermediate malware analysis training materials from @pedramamini and @erocarrera.

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Scanner, signatures and the largest collection of Magento malware

PatrOwl - Open Source, Smart and Scalable Security Operations Orchestration Platform

The goal of this repo is to archive artifacts from all versions of various OS's and categorizing them by type. This will help with artifact validation processes as well as increase access to artifa…

Automatically exported from code.google.com/p/domxsswiki

GUI to Manage Software Restriction Policies and harden Windows Home OS

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.