Trending Projects

CrowdSec is an open-source security solution offering crowdsourced protection against malicious IPs and access to real-world CTI.

DVWA is a PHP web application designed to be insecure, allowing developers to learn and practice web application security testing techniques.

Open-source vulnerable web application for security testing and learning purposes.

Nmap is a powerful network discovery and security auditing tool that can be used for a variety of purposes.

Osintgram is an OSINT (Open-Source Intelligence) tool for Instagram that provides an interactive shell to analyze Instagram accounts.

A comprehensive Firefox privacy and security configuration template for developers focused on anti-tracking and anti-fingerprinting.

This repository provides tools and tutorials for cracking WPA/WPA2 Wi-Fi passwords, which is not recommended for general use.

A community guide to using YubiKey for secure GnuPG and SSH access, protecting secrets with hardware crypto.

LuLu is a free, open-source macOS firewall that provides protection against unauthorized network access.

A free, secure and open source Android app to manage 2-step verification tokens.

An open-source firewall and privacy tool that blocks mass surveillance and protects your online privacy.

A community-curated collection of templates for the nuclei engine to find security vulnerabilities.

OSS-Fuzz is a continuous fuzzing platform for open-source software, focused on improving security and stability.

A penetration testing framework packed with hacking tools for security research and exploration.

Hydra is a parallelized login cracker which supports numerous protocols to authenticate against remote services.

This repository provides free SSR/V2ray node subscriptions and related tools for bypassing internet censorship.

Small and highly portable detection tests based on MITRE's ATT&CK framework for security researchers.

A comprehensive security assessment tool that supports scanning for common web vulnerabilities and custom PoCs.

A curated list of CTF (Capture the Flag) frameworks, libraries, resources and software for security professionals.

TheFatRat is a tool to generate backdoors and bypassing antivirus software for malware execution.

Clair is a static analysis tool for scanning container images and identifying vulnerabilities.

This is a comprehensive OSINT (Open-Source Intelligence) framework for gathering intelligence and conducting reconnaissance.

A fast subdomain enumeration tool for penetration testers and security researchers.

Sliver is an adversary emulation framework written in Go that can be used for red team engagements.

The Browser Exploitation Framework Project is a penetration testing tool for web applications.

This is an open-source webshell project that provides access to remote servers through various scripting languages.

SimpleX is a privacy-focused messaging network that operates without any user identifiers, providing a 100% private chat experience.

BloodHound-Legacy is a PowerShell tool for discovering paths to domain admin in Active Directory environments.

404StarLink is a collection of high-quality, meaningful, and actively maintained open-source security projects.

A Python library to check if an email is used on various sites and retrieve information on forgotten password functionality.

A curated list of awesome search engines for penetration testing, vulnerability assessments, and security research.

A comprehensive repository covering security engineering principles and practices to systematically secure anything.

An ad-blocking and privacy protection tool that supports a wide range of network components.

A curated list of honeypot resources for security researchers and developers.

A Python library for creating and managing security detection rules for SIEM and monitoring tools.

This is a repository of cutting-edge open-source security tools for red teamers and threat hunters.

Nikto is a powerful open-source web server scanner for security testing and vulnerability detection.

An open-source Firefox configuration for optimal privacy and security.

A suite of Wi-Fi and Bluetooth offensive and defensive tools for the ESP32 microcontroller.

A curated list of Awesome Threat Intelligence resources for security professionals.

Nishang is an offensive PowerShell framework for red team, penetration testing, and security operations.

Remote administration tool for Windows, focused on security and remote control capabilities.

OneForAll is a powerful subdomain collection tool for security researchers and bug bounty hunters.

ModSecurity is an open-source web application firewall (WAF) engine for Apache, IIS, and Nginx that provides protection from web attacks.

A powerful open-source recursive internet scanner for security researchers and penetration testers.

An open-source post-exploitation framework for students, researchers and developers.

A comprehensive security and attack surface management platform for penetration testing and vulnerability assessment.

A comprehensive list of open-source tools for AWS security, including defensive, offensive, auditing, and incident response capabilities.

A collection of public penetration test reports for security research and learning.

A collection of setup scripts for security research tools, useful for penetration testing and ctf challenges.