Community curated list of templates for the nuclei engine to find security vulnerabilities.

The LLVM Project is a collection of modular and reusable compiler and toolchain technologies.

Digging Deeper....

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Read-only git conversion of OpenBSD's official CVS src repository. Pull requests not accepted - send diffs to the tech@ mailing list.

Six Degrees of Domain Admin

Ansible is a radically simple IT automation platform that makes your applications and systems easier to deploy and maintain. Automate everything from code deployment to network configuration to clo…

Unofficial mirror of sourceware glibc repository. Updated daily.

The FreeBSD src tree publish-only repository. Experimenting with 'simple' pull requests....

The Serenity Operating System 🐞

Free universal database tool and SQL client

UNIX-like reverse engineering framework and command-line toolset

A command line tool and library for transferring data with URL syntax, supporting DICT, FILE, FTP, FTPS, GOPHER, GOPHERS, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP…

OSS-Fuzz - continuous fuzzing for open source software.

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections…

A modern runtime for JavaScript and TypeScript.

A powerful little TUI framework 🏗

🪽 An open, easy, fast, reliable and battery-efficient solution for real-time communications

Metasploit Framework

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Find, verify, and analyze leaked credentials

[mirror] Go Tools

Damn Vulnerable Web Application (DVWA)

Upstream shadow tree

Automatic SQL injection and database takeover tool

The Elastic stack (ELK) powered by Docker and Compose.

Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

Main Sigma Rule Repository