Stars
An SSHCA that uses a standard Yubikey to issue new host and user certificates.
Watches for trigger packets, runs commands or spawns a shell
Provide a shell like interface by utilizing osquery's distributed API
The best-in-class HTTP Debugger for macOS. Capture HTTP/HTTPS from macOS, iOS, Android with a few clicks ✅
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
domain name/brand infringement detector. pulls newly registered domains daily, searches variations of your company domain names and alerts on typo squatters/phishing domains.
checks site content against known good ssdeep hash, identifies matches
GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
A collection of various awesome lists for hackers, pentesters and security researchers
A collection of small bash scripts for heavy terminal users
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
A pure Unix shell script ACME client for SSL / TLS certificate automation
Find, verify, and analyze leaked credentials
Some setup scripts for security research tools.
Community guide to securing and improving privacy on macOS.
match command-line arguments to their help text
Enabling 2fac confirmation for newly connected USB devices
Vagrant Box that will deploy a bare ubuntu box (vmware or virtualbox) and install MSF on top.
Platform to host Capture the Flag competitions
A collection of PHP backdoors. For educational or testing purposes only.