netmakerNetmaker makes networks with WireGuard. Netmaker automates fast, secure, and distributed virtual networks.
Stars: ✭ 4,147 (+9325%)
vulndb-data-mirrorA simple Java command-line utility to mirror the entire contents of VulnDB.
Stars: ✭ 36 (-18.18%)
GorsairGorsair hacks its way into remote docker containers that expose their APIs
Stars: ✭ 678 (+1440.91%)
Bugsite IndexIndex of websites publishing bugs along the lines of heartbleed.com
Stars: ✭ 38 (-13.64%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (+27.27%)
sigchainA signed hash chain implementation for zero-trust data management.
Stars: ✭ 41 (-6.82%)
Virtual RealityStealthy backdoor for Windows operating systems
Stars: ✭ 235 (+434.09%)
YawastYAWAST ...where a pentest starts. Security Toolkit for Web-based Applications
Stars: ✭ 181 (+311.36%)
WinpayloadsUndetectable Windows Payload Generation
Stars: ✭ 1,211 (+2652.27%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (+38.64%)
SysmontoolsUtilities for Sysmon
Stars: ✭ 903 (+1952.27%)
zap-sonar-pluginIntegrates OWASP Zed Attack Proxy reports into SonarQube
Stars: ✭ 66 (+50%)
EveboxWeb Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search
Stars: ✭ 286 (+550%)
h1-searchTool that will request the public disclosures on a specific HackerOne program and show them in a localhost webserver.
Stars: ✭ 58 (+31.82%)
Home-LabThis is the network diagrams, configuration guides, and hardware used for my home lab.
Stars: ✭ 62 (+40.91%)
Sast ScanScan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
Stars: ✭ 234 (+431.82%)
SSI Extra MaterialsIn my computer security courses I make extensive usage of cheatsheets for various tools and extra materials to complement the student learning if they are willing to do so. I have decided to share them to enable others to take advantage of them
Stars: ✭ 42 (-4.55%)
Sbt Dependency CheckSBT Plugin for OWASP DependencyCheck. Monitor your dependencies and report if there are any publicly known vulnerabilities (e.g. CVEs). 🌈
Stars: ✭ 187 (+325%)
ScoutScout - a Contactless Active Reconnaissance Tool
Stars: ✭ 48 (+9.09%)
HawkeyeHawkeye filesystem analysis tool
Stars: ✭ 202 (+359.09%)
OvaaOversecured Vulnerable Android App
Stars: ✭ 152 (+245.45%)
Nist Data MirrorA simple Java command-line utility to mirror the CVE JSON data from NIST.
Stars: ✭ 135 (+206.82%)
NetsetOperational Security utility and automator.
Stars: ✭ 110 (+150%)
sample-scan-filesSample scan files for testing DefectDojo imports
Stars: ✭ 60 (+36.36%)
SynnerA TCP SYN flood client written in Rust, powered by libpnet
Stars: ✭ 59 (+34.09%)
www-project-zapOWASP Zed Attack Proxy project landing page.
Stars: ✭ 52 (+18.18%)
FiercephishFiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
Stars: ✭ 960 (+2081.82%)
cryptoniceCryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration…
Stars: ✭ 91 (+106.82%)
Tincan TlsA cleanroom implementation of TLS 1.3
Stars: ✭ 18 (-59.09%)
NmapIdiomatic nmap library for go developers
Stars: ✭ 391 (+788.64%)
lunasecLunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Stars: ✭ 1,261 (+2765.91%)
Sysmon ConfigSysmon configuration file template with default high-quality event tracing
Stars: ✭ 3,287 (+7370.45%)
juice-shopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 7,533 (+17020.45%)
maalikFeature-rich Post Exploitation Framework with Network Pivoting capabilities.
Stars: ✭ 75 (+70.45%)
dexIoT device indexer and search engine.
Stars: ✭ 53 (+20.45%)
appsec-educationPresentations, training modules, and other education materials from Duo Security's Application Security team.
Stars: ✭ 59 (+34.09%)
PayloadsGit All the Payloads! A collection of web attack payloads.
Stars: ✭ 2,862 (+6404.55%)
feverfast, extensible, versatile event router for Suricata's EVE-JSON format
Stars: ✭ 47 (+6.82%)
KicsFind security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
Stars: ✭ 189 (+329.55%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-18.18%)
Zap HudThe OWASP ZAP Heads Up Display (HUD)
Stars: ✭ 201 (+356.82%)
evtx-hunterevtx-hunter helps to quickly spot interesting security-related activity in Windows Event Viewer (EVTX) files.
Stars: ✭ 122 (+177.27%)
BlisqyVersion 0.2 - Exploit Time-based blind-SQL injection in HTTP-Headers (MySQL/MariaDB).
Stars: ✭ 179 (+306.82%)
awesome-policy-as-codeA curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.
Stars: ✭ 121 (+175%)
Threat Model CookbookThis project is about creating and publishing threat model examples.
Stars: ✭ 159 (+261.36%)
CameradarCameradar hacks its way into RTSP videosurveillance cameras
Stars: ✭ 2,775 (+6206.82%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (+222.73%)
solutions-bwappIn progress rough solutions to bWAPP / bee-box
Stars: ✭ 158 (+259.09%)
KurukshetraKurukshetra - A framework for teaching secure coding by means of interactive problem solving.
Stars: ✭ 131 (+197.73%)
Ee OutliersOpen-source framework to detect outliers in Elasticsearch events
Stars: ✭ 172 (+290.91%)
nodejssecurityDocumentation for Essential Node.js Security
Stars: ✭ 64 (+45.45%)
sshizzleServerless, Zero-Trust SSH for Microsoft Azure
Stars: ✭ 62 (+40.91%)