Semi-automatic OSINT framework and package manager
Support
Quality
Security
License
Reuse
SSH man-in-the-middle tool
Support
Quality
Security
License
Reuse
A php.ini scanner for best security practices
Support
Quality
Security
License
Reuse
BBT - Bug Bounty Tools (examples💡)
Support
Quality
Security
License
Reuse
Spring Boot samples by Netgloo
Support
Quality
Security
License
Reuse
Documentation:
Support
Quality
Security
License
Reuse
Terminal log analysis tools
Support
Quality
Security
License
Reuse
Metlo is an open-source API security platform.
Support
Quality
Security
License
Reuse
pagehelper-spring-boot
Support
Quality
Security
License
Reuse
Powerful framework for rogue access point attack.
Support
Quality
Security
License
Reuse
Automating situational awareness for cloud penetration tests.
Support
Quality
Security
License
Reuse
AWSGoat : A Damn Vulnerable AWS Infrastructure
Support
Quality
Security
License
Reuse
Find, list, and inspect processes from Go (golang).
Support
Quality
Security
License
Reuse
100+ Spring Boot Articles, Tutorials, Video tutorials, Projects, Guides, Source code examples etc
Support
Quality
Security
License
Reuse
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Support
Quality
Security
License
Reuse
:no_entry: offsec batteries included
Support
Quality
Security
License
Reuse
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Support
Quality
Security
License
Reuse
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Support
Quality
Security
License
Reuse
Golang hardware discovery/inspection library
Support
Quality
Security
License
Reuse
Microsoft Threat Intelligence Security Tools
Support
Quality
Security
License
Reuse
Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
Support
Quality
Security
License
Reuse
bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
Support
Quality
Security
License
Reuse
Versatile resource statistics tool (the real one, not the Red Hat clone)
Support
Quality
Security
License
Reuse
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Support
Quality
Security
License
Reuse
NetRipper - Smart traffic sniffing for penetration testers
Support
Quality
Security
License
Reuse
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
Support
Quality
Security
License
Reuse
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Support
Quality
Security
License
Reuse
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
Support
Quality
Security
License
Reuse
With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials.
Support
Quality
Security
License
Reuse
A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.
Support
Quality
Security
License
Reuse
A default credential scanner.
Support
Quality
Security
License
Reuse
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Support
Quality
Security
License
Reuse
A simple utility to remove unused resources in your Android app to lower the size of the APK. It's based on the Android lint tool output.
Support
Quality
Security
License
Reuse
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Support
Quality
Security
License
Reuse
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Support
Quality
Security
License
Reuse
The iOS Security Testing Framework
Support
Quality
Security
License
Reuse
[Suspended] FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Support
Quality
Security
License
Reuse
grep rough audit - source code auditing tool
Support
Quality
Security
License
Reuse
从零入门 !Spring Security With JWT(含权限验证)后端部分代码。
Support
Quality
Security
License
Reuse
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
Support
Quality
Security
License
Reuse
PacBot (Policy as Code Bot)
Support
Quality
Security
License
Reuse
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
Support
Quality
Security
License
Reuse
LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to tech@openbsd.org are welcome.
Support
Quality
Security
License
Reuse
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Support
Quality
Security
License
Reuse
Distributed & real time digital forensics at the speed of the cloud
Support
Quality
Security
License
Reuse
No-root network monitor, firewall and PCAP dumper for Android
Support
Quality
Security
License
Reuse
Android certificate pinning disable tools
Support
Quality
Security
License
Reuse
A suite of tools to assist with reviewing Open Source Software dependencies.
Support
Quality
Security
License
Reuse
Resources related to GitHub Security Lab
Support
Quality
Security
License
Reuse
Web and mobile application security training platform
Support
Quality
Security
License
Reuse
s
sn0intby kpcyrd
Semi-automatic OSINT framework and package manager
Rust
1535Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1535Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
s
ssh-mitmby jtesta
SSH man-in-the-middle tool
C 1507Updated: 2 y ago License: Proprietary (Proprietary)
1507Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
i
iniscanby psecio
A php.ini scanner for best security practices
PHP 1468Updated: 2 y ago License: Permissive (MIT)
1468Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
B
BBTzby m4ll0k
BBT - Bug Bounty Tools (examples💡)
Python 1462Updated: 2 y ago
License: No License (No License)
1462Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
s
spring-boot-samplesby netgloo
Spring Boot samples by Netgloo
Java 1456Updated: 2 y ago License: Permissive (MIT)
1456Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
a
Support
Quality
Security
License
Reuse
r
Support
Quality
Security
License
Reuse
m
metloby metlo-labs
Metlo is an open-source API security platform.
TypeScript 1412Updated: 1 y ago License: Permissive (MIT)
1412Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
pagehelper-spring-bootby pagehelper
pagehelper-spring-boot
Java 1403Updated: 2 y ago License: Permissive (MIT)
1403Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
w
wifipumpkin3by P0cL4bs
Powerful framework for rogue access point attack.
Python 1402Updated: 1 y ago License: Permissive (Apache-2.0)
1402Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
c
cloudfoxby BishopFox
Automating situational awareness for cloud penetration tests.
Go 1387Updated: 1 y ago License: Permissive (MIT)
1387Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
A
AWSGoatby ine-labs
AWSGoat : A Damn Vulnerable AWS Infrastructure
PHP 1376Updated: 1 y ago License: Permissive (MIT)
1376Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
g
go-psby mitchellh
Find, list, and inspect processes from Go (golang).
Go 1362Updated: 2 y ago License: Permissive (MIT)
1362Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
s
spring-boot-tutorialby RameshMF
100+ Spring Boot Articles, Tutorials, Video tutorials, Projects, Guides, Source code examples etc
Java 1351Updated: 1 y ago License: No License (No License)
1351Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
h
hayabusaby Yamato-Security
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Rust 1346Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1346Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
p
pentestby jivoi
:no_entry: offsec batteries included
Python 1329Updated: 2 y ago License: No License (No License)
1329Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
r
rails-security-checklistby eliotsykes
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
Ruby 1329Updated: 2 y ago License: No License (No License)
1329Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
b
binaryalertby airbnb
BinaryAlert: Serverless, Real-time & Retroactive Malware Detection.
Python 1326Updated: 2 y ago License: Permissive (Apache-2.0)
1326Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
g
ghwby jaypipes
Golang hardware discovery/inspection library
Go 1326Updated: 1 y ago License: Permissive (Apache-2.0)
1326Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
m
msticpyby microsoft
Microsoft Threat Intelligence Security Tools
Python 1322Updated: 1 y ago License: Proprietary (Proprietary)
1322Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
g
ggshieldby GitGuardian
Find and fix 360+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
Python 1315Updated: 1 y ago License: Permissive (MIT)
1315Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
b
bayonetby CTF-MissFeng
bayonet是一款src资产管理系统,从子域名、端口服务、漏洞、爬虫等一体化的资产管理系统
Python 1313Updated: 1 y ago License: No License (No License)
1313Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
d
dstatby dstat-real
Versatile resource statistics tool (the real one, not the Red Hat clone)
Python 1310Updated: 2 y ago License: Strong Copyleft (GPL-2.0)
1310Updated: 2 y ago License: Strong Copyleft (GPL-2.0)Support
Quality
Security
License
Reuse
D
Dr0p1t-Frameworkby D4Vinci
A framework that create an advanced stealthy dropper that bypass most AVs and have a lot of tricks
Python 1303Updated: 2 y ago License: Permissive (MIT)
1303Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
N
NetRipperby NytroRST
NetRipper - Smart traffic sniffing for penetration testers
PowerShell 1303Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1303Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
A
APIKitby API-Security
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
Java 1301Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1301Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
S
SprayingToolkitby byt3bl33d3r
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Python 1287Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1287Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
l
lunasecby lunasec-io
LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
TypeScript 1283Updated: 2 y ago License: Proprietary (Proprietary)
1283Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
d
django-hijackby django-hijack
With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials.
Python 1281Updated: 1 y ago License: Permissive (MIT)
1281Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
pam-duressby nuvious
A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.
C 1281Updated: 2 y ago License: Weak Copyleft (LGPL-3.0)
1281Updated: 2 y ago License: Weak Copyleft (LGPL-3.0)Support
Quality
Security
License
Reuse
c
changemeby ztgrace
A default credential scanner.
Python 1276Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1276Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
G
GitGotby BishopFox
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
Python 1274Updated: 2 y ago License: Weak Copyleft (LGPL-3.0)
1274Updated: 2 y ago License: Weak Copyleft (LGPL-3.0)Support
Quality
Security
License
Reuse
a
android-resource-removerby KeepSafe
A simple utility to remove unused resources in your Android app to lower the size of the APK. It's based on the Android lint tool output.
Python 1273Updated: 2 y ago License: Permissive (Apache-2.0)
1273Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
w
w5by w5teams
Security Orchestration, Automation and Response (SOAR) Platform. 安全编排与自动化响应平台,无需编写代码的安全自动化,使用 SOAR 可以让团队工作更加高效
Python 1267Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1267Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
l
log4j-scannerby cisagov
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
Java 1260Updated: 2 y ago License: No License (No License)
1260Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
n
needleby WithSecureLabs
The iOS Security Testing Framework
Python 1258Updated: 1 y ago License: Proprietary (Proprietary)
1258Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
f
flare-fakenet-ngby fireeye
[Suspended] FakeNet-NG - Next Generation Dynamic Network Analysis Tool
Python 1251Updated: 3 y ago License: Permissive (Apache-2.0)
1251Updated: 3 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
g
grauditby wireghoul
grep rough audit - source code auditing tool
Shell 1226Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
1226Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
s
spring-security-jwt-guideby Snailclimb
从零入门 !Spring Security With JWT(含权限验证)后端部分代码。
Java 1223Updated: 1 y ago License: No License (No License)
1223Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
A
AIL-frameworkby CIRCL
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
Python 1222Updated: 1 y ago License: Strong Copyleft (AGPL-3.0)
1222Updated: 1 y ago License: Strong Copyleft (AGPL-3.0)Support
Quality
Security
License
Reuse
p
pacbotby tmobile
PacBot (Policy as Code Bot)
Java 1217Updated: 2 y ago License: Permissive (Apache-2.0)
1217Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
C
CredSniperby ustayready
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
HTML 1217Updated: 1 y ago License: Permissive (Apache-2.0)
1217Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
p
portableby libressl
LibreSSL Portable itself. This includes the build scaffold and compatibility layer that builds portable LibreSSL from the OpenBSD source code. Pull requests or patches sent to tech@openbsd.org are welcome.
C 1213Updated: 1 y ago License: No License (No License)
1213Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
i
inqlby doyensec
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
Python 1205Updated: 1 y ago License: Permissive (Apache-2.0)
1205Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
m
migby mozilla
Distributed & real time digital forensics at the speed of the cloud
Go 1198Updated: 2 y ago License: Weak Copyleft (MPL-2.0)
1198Updated: 2 y ago License: Weak Copyleft (MPL-2.0)Support
Quality
Security
License
Reuse
P
PCAPdroidby emanuele-f
No-root network monitor, firewall and PCAP dumper for Android
Java 1189Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1189Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
D
DroidSSLUnpinningby WooyunDota
Android certificate pinning disable tools
JavaScript 1172Updated: 1 y ago License: No License (No License)
1172Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
o
ortby oss-review-toolkit
A suite of tools to assist with reviewing Open Source Software dependencies.
Kotlin 1165Updated: 1 y ago License: Permissive (Apache-2.0)
1165Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
s
securitylabby github
Resources related to GitHub Security Lab
C 1160Updated: 1 y ago License: Permissive (MIT)
1160Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
S
SecurityShepherdby OWASP
Web and mobile application security training platform
Java 1158Updated: 1 y ago License: Strong Copyleft (GPL-3.0)
1158Updated: 1 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse