A list of open source web security scanners

Automatically created C2 Feeds

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

Sysmon configuration file template with default high-quality event tracing

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

The Havoc Framework

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️

Tools and Techniques for Red Team / Penetration Testing

Tools and Techniques for Blue Team / Incident Response

The FLARE team's open-source tool to identify capabilities in executable files.

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

Directory/File, DNS and VHost busting tool written in Go

Some notes about Hydra for bruteforcing

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. [email protected]

Automatic SQL injection and database takeover tool

🤖 The Modern Port Scanner 🤖

Fast web fuzzer written in Go

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

This repository contains the source code for the REMnux installer, which is the command-line tool for installing and upgrading the REMnux distro.

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

Six Degrees of Domain Admin

How to systematically secure anything: a repository about security engineering

A simple list with public DNS-over-HTTPS (DOH) providers so you can easily block them.

A tool for forensic file system reconstruction.

A powerful data recovery utility for Linux with many advanced features based on Scott Dwyer's HDDSuperClone.

Super timeline all the things