A collection of awesome security hardening guides, tools and other resources

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Simplifying SSL/TLS traffic analysis for researchers by making SSL decryption effortless.

Linux Runtime Security and Forensics using eBPF

🏔 Love Freedom - ❌ Block Mass Surveillance

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

api-gateway, framework for service management based on openresty。balance, health-check, limit-fuse, waf, 负载均衡，健康检查，服务熔断，服务限流，动态配置，数据统计, waf过滤，黑白名单，基于openresty的API网关

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Real-time HTTP Intrusion Detection

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

SSH based reverse shell

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CV…

Attack Flow helps executives, SOC managers, and defenders easily understand how attackers compose ATT&CK techniques into attacks by developing a representation of attack flows, modeling attack flow…

NethSecurity image and build environment

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

DPI bypass multi platform

GoodbyeDPI — Deep Packet Inspection circumvention utility (for Windows)

Open Adversarial Exposure Validation Platform

Detect DoS attack using a custom rule file in Suricata

Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to invest…

Open Source Network Forensic Analysis Tool (NFAT)

OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

A high-performance packet broker in C with advanced rule management, dynamic updates, protocol and VLAN filtering.

best tool for finding SQLi,CRLF,XSS,LFi,OpenRedirect

☁️ The Most Secure and Easy Selfhosted Home Server. Take control of your data and privacy without sacrificing security and stability (Authentication, anti-DDOS, anti-bot)

View HTTP/HTTPS requests made by any Linux program

IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation b…