Top 307 cybersecurity open source projects

Enumerate information from NTLM authentication enabled web endpoints 🔎

GNU Radio – the Free and Open Software Radio Ecosystem

Git All the Payloads! A collection of web attack payloads.

Data leak checker & OSINT Tool

MITRE ATT&CK Website

Automated Adversary Emulation Platform

Don't Just Search OSINT. Sweep It.

Automated Tactics Techniques & Procedures

This is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder

A modular Python application to collect intelligence for malicious hosts.

The platform used to run picoCTF. A great framework to host any CTF.

List of the most common French passwords

A backdoor with a multitude of features.

Lockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.

easy-to-use payload hosting

FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.

Discover internet-wide misconfigurations while drinking coffee

WIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.

The all-in-one Red Team extension for Web Pentester 🛠

A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

Advanced buffer overflow and memory corruption security challenges

MagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).

🔐 Docker Container for Penetration Testing & Security

Python library and CLI for the Bug Bounty Recon API

备考 OSCP 的各种干货资料/渗透测试干货资料

Capturing, analysing and responding to cyber attacks

OWASP Honeypot, Automated Deception Framework.

Monitoring your Slack workspaces for sensitive information

The Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.

Collection of PowerShell functions a Red Teamer may use to collect data from a machine

An anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.

Enine boyuna siber güvenlik

Як не стати кібер-жертвою

PyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>

Authors

A dashboard for a real-time overview of threat intelligence from MISP instances

🔒 A curated checklist of 300+ tips for protecting digital security and privacy in 2021

A place where I can create, collect and share tooling, resources and knowledge about information security.

Distributed malware processing framework based on Python, Redis and MinIO.

JavaScript library for building web-based applications that employ secure multi-party computation (MPC).

Wireshark Cheat Sheet

A Python library and command line tools to provide interactive log visualization.

A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]

👺 A Backdoor For Apache HTTP Server Written in C

Let's track phishing kits to give to research community raw material to study !

Monitoring GitLab for sensitive data shared publicly

WALKOFF-enabled applications. #nsacyber

This repository contains a list of all web sites I come across that are either hacked with or purposefully hosting malware, ransomware, viruses or trojans.

Malware repository component for samples & static configuration with REST API interface.

GUI based offensive penetration testing tool (Open Source)

internet monitoring osint telegram bot for windows

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Dorks for shodan.io. Some basic shodan dorks collected from publicly available data.

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Security control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.

One way to continuously monitor sensitive information that could be exposed on Github

An ongoing list of virtual cybersecurity conferences.

A toolkit for Security Researchers