ShhhShare sensitive info without leaving a trace in your chat logs or email accounts.
HardentheworldHarden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Node Sec RoadmapSome thoughts on how Node.js might respond to a changing security environment
NebulousadNebulousAD automated credential auditing tool.
Hacker101Source code for Hacker101.com - a free online web and mobile security class.
MemguardSecure software enclave for storage of sensitive information in memory.
FairemailFully featured, open source, privacy friendly email app for Android
SiemSIEM Tactics, Techiques, and Procedures
Laravel Nist Password Rules🔒 Laravel validation rules that follow the password related recommendations found in NIST Special Publication 800-63B section 5.
FuddlyFuzzing and Data Manipulation Framework (for GNU/Linux)
Edb Debuggeredb is a cross-platform AArch32/x86/x86-64 debugger.
TinderonlineFind out which of your friends are online on Tinder
Spark Pac4jSecurity library for Sparkjava: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
KarmaFind leaked emails with your passwords
ClamtkAn easy to use, light-weight, on-demand virus scanner for Linux systems
Web2attackWeb hacking framework with tools, exploits by python
Detectemdetectem - detect software and its version on websites.
Mixplaintext可对 Xcode 项目工程所有的 objective-c 文件内包含的明文进行加密混淆,提高逆向分析难度。
UrlcrazyGenerate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.
NetpwnTool made to automate tasks of pentesting.
EbooksA repository for ebooks, including C, C plus plus, Linux Kernel, Compiler, OS, Algorithm, Security, Database, Network, ML and DL
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
BeyondBeyondCorp-inspired Access Proxy. Secure internal services outside your VPN/perimeter network during a zero-trust transition.
DiscordcryptEnd-To-End File & Message Encryption For Discord
Jose2goGolang (GO) implementation of Javascript Object Signing and Encryption specification
Bluemondaybluemonday: a fast golang HTML sanitizer (inspired by the OWASP Java HTML Sanitizer) to scrub user generated content of XSS
Lemur DockerDocker files for the Lemur certificate orchestration tool
Docker MispAutomated Docker MISP container - Malware Information Sharing Platform and Threat Sharing
TfmaskTerraform utility to mask select output from `terraform plan` and `terraform apply`
SysSys: A Static/Symbolic Tool for Finding Good Bugs in Good (Browser) Code
Proof Of ConceptsA little collection of fun and creative proof of concepts to demonstrate the potential impact of a security vulnerability.
Is my password pwnedHow often does your password appear in the Pwned Passwords database? Uses the k-anonymity API.
0wnedCode execution via Python package installation.
WpbulletA static code analysis for WordPress (and PHP)
LibdiffuzzCustom memory allocator that helps discover reads from uninitialized memory
Gopass Uigopass CLI + UI = visual cross-platform password manager for teams
ValidationFramework agnostic validation library for PHP
Burp Molly ScannerTurn your Burp suite into headless active web application vulnerability scanner