Automation to assess the state of your M365 tenant against CISA's baselines

GUAC aggregates software security metadata into a high fidelity graph database.

A deauth attack that disconnects all devices from the target wifi network (2.4Ghz & 5Ghz), WPA3 also supported (PMF not tested)

KQL Queries. Microsoft Defender, Microsoft Sentinel

A collection of scripts that help handling X.509 certificate and TLS issues

A modern alternative to ls

Awesome Security lists for SOC/CERT/CTI

📙 Amazon Web Services — a practical guide

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Modular and decentralised honeypot

World's fastest and most advanced password recovery utility

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

Scrape the IP ranges of cloudproviders and check if a IP belongs to a particular CloudProvider. This can also help to speed up your CSIRT activities

Cartography is a Python tool that pulls infrastructure assets and their relationships into a Neo4j graph database.

Claude Engineer is an interactive command-line interface (CLI) that leverages the power of Anthropic's Claude-3.5-Sonnet model to assist with software development tasks.This framework enables Claud…

A Streamlit Graph Vis

AI-Powered Photos App for the Decentralized Web 🌈💎✨

A black hole for Internet advertisements

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

secureCodeBox (SCB) - continuous secure delivery out of the box

The first real AI developer

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

Jekyll version of the newest Agency Bootstrap theme, plus new features: Google Analytics, Markdown support, custom pages, and more!

Directory/File, DNS and VHost busting tool written in Go

Github action for linting AWS IAM policy documents

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Hands on labs and code to help you learn, measure, and build using architectural best practices.