The repo is finally unlocked. enjoy the party! The fastest repo in history to surpass 100K stars ⭐. Join Discord: https://discord.gg/5TUQKqFWd Built in Rust using oh-my-codex.

DarkSword webkit exploit captured ITW

iOS <=26.0.1 DarkSword Kernel Exploit reimplemented in Objective-C

intentionally vuln web Application Security in django

Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD

Operation Frostbyte, AKA SnowGoat. A misconfigured Snowflake environment.

A JavaScript Engine Fuzzer

The best tool for finding one gadget RCE in libc.so.6

AWSGoat : A Damn Vulnerable AWS Infrastructure

BillionMail gives you open-source MailServer, NewsLetter, Email Marketing — fully self-hosted, dev-friendly, and free from monthly fees. Join the discord: https://discord.gg/asfXzBUhZr

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

Corelan Repository for mona.py

ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.

NextJS-based single-page application for completing and reviewing SAMM assessments

🔍 Search anyone's digital footprint across 300+ websites

Least Significant Bit Steganography for bitmap images (.bmp and .png), WAV sound files, and byte sequences. Simple LSB Steganalysis (LSB extraction) for bitmap images.

Unofficial revival of the well known .NET debugger and assembly editor, dnSpy

Find, verify, and analyze leaked credentials

Find secrets with Gitleaks 🔑

Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.

Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

Pluggable linting tool to prevent committing credential.

🍃 Organic Maps is a free Android & iOS offline maps app for more than 6M travelers, tourists, hikers, and cyclists. It uses crowd-sourced OpenStreetMap data and is developed with love by the commun…

A minimal, responsive, and feature-rich Jekyll theme for technical writing.

This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security,…

🐬 A collection of awesome resources for the Flipper Zero device.

Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.

Split information output of pwndbg output

Convert Cobalt Strike profiles to modrewrite scripts