The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Support
Quality
Security
License
Reuse
In-depth Attack Surface Mapping and Asset Discovery
Support
Quality
Security
License
Reuse
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Support
Quality
Security
License
Reuse
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Support
Quality
Security
License
Reuse
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
Support
Quality
Security
License
Reuse
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Support
Quality
Security
License
Reuse
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
Support
Quality
Security
License
Reuse
GRR Rapid Response: remote live forensics for incident response
Support
Quality
Security
License
Reuse
Open Cyber Threat Intelligence Platform
Support
Quality
Security
License
Reuse
Official OWASP Top 10 Document Repository
Support
Quality
Security
License
Reuse
This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
Support
Quality
Security
License
Reuse
EasyHook - The reinvention of Windows API Hooking
Support
Quality
Security
License
Reuse
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
Support
Quality
Security
License
Reuse
ScareCrow - Payload creation framework designed around EDR bypass.
Support
Quality
Security
License
Reuse
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
Support
Quality
Security
License
Reuse
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
Support
Quality
Security
License
Reuse
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
Support
Quality
Security
License
Reuse
Collaborative forensic timeline analysis
Support
Quality
Security
License
Reuse
A shell script to clone a booted disk.
Support
Quality
Security
License
Reuse
Digging Deeper....
Support
Quality
Security
License
Reuse
Support
Quality
Security
License
Reuse
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
Support
Quality
Security
License
Reuse
Awesome Node.js Security resources
Support
Quality
Security
License
Reuse
OSINT tool for finding profiles by username
Support
Quality
Security
License
Reuse
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
Support
Quality
Security
License
Reuse
Source code behind the Windows Subsystem for Linux documentation.
Support
Quality
Security
License
Reuse
Windows dll injector
Support
Quality
Security
License
Reuse
OWASP ModSecurity Core Rule Set (Official Repository)
Support
Quality
Security
License
Reuse
Science Hack Day in India http://sciencehack.in
Support
Quality
Security
License
Reuse
Super timeline all the things
Support
Quality
Security
License
Reuse
The .NET Assembly Editor
Support
Quality
Security
License
Reuse
:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Support
Quality
Security
License
Reuse
Indicators from Amnesty International's investigations
Support
Quality
Security
License
Reuse
Your Everyday Threat Intelligence
Support
Quality
Security
License
Reuse
PyTorch implementation of adversarial attacks.
Support
Quality
Security
License
Reuse
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Support
Quality
Security
License
Reuse
PowerForensics provides an all in one platform for live disk forensic analysis
Support
Quality
Security
License
Reuse
LSASS memory dumper using direct system calls and API unhooking.
Support
Quality
Security
License
Reuse
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Support
Quality
Security
License
Reuse
Total Registry - enhanced Registry editor/viewer
Support
Quality
Security
License
Reuse
ICS/SCADA honeypot
Support
Quality
Security
License
Reuse
📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
Support
Quality
Security
License
Reuse
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
Support
Quality
Security
License
Reuse
InjectProc - Process Injection Techniques [This project is not maintained anymore]
Support
Quality
Security
License
Reuse
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
Support
Quality
Security
License
Reuse
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Support
Quality
Security
License
Reuse
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
Support
Quality
Security
License
Reuse
proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
Support
Quality
Security
License
Reuse
WhatsApp Parser Toolset v1.59
Support
Quality
Security
License
Reuse
OWASP Foundation Web Respository
Support
Quality
Security
License
Reuse
C
CheatSheetSeriesby OWASP
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Python
23896Updated: 1 y ago License: Proprietary (Proprietary)
23896Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
A
Amassby OWASP
In-depth Attack Surface Mapping and Asset Discovery
Go 9025Updated: 2 y ago License: Proprietary (Proprietary)
9025Updated: 2 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
j
juice-shopby juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
TypeScript 8328Updated: 1 y ago License: Permissive (MIT)
8328Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
pyWhatby bee-san
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Python 5987Updated: 1 y ago License: Permissive (MIT)
5987Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
R
Reverse-Engineeringby mytechnotalent
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
C 5434Updated: 3 y ago License: Permissive (Apache-2.0)
5434Updated: 3 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
j
juice-shopby bkimminich
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
TypeScript 4913Updated: 3 y ago License: Permissive (MIT)
4913Updated: 3 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
M
MISPby MISP
MISP (core software) - Open Source Threat Intelligence and Sharing Platform
PHP 4453Updated: 1 y ago License: Strong Copyleft (AGPL-3.0)
4453Updated: 1 y ago License: Strong Copyleft (AGPL-3.0)Support
Quality
Security
License
Reuse
g
grrby google
GRR Rapid Response: remote live forensics for incident response
Python 4358Updated: 2 y ago License: Permissive (Apache-2.0)
4358Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
o
openctiby OpenCTI-Platform
Open Cyber Threat Intelligence Platform
JavaScript 3647Updated: 1 y ago License: Proprietary (Proprietary)
3647Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
T
Top10by OWASP
Official OWASP Top 10 Document Repository
HTML 3623Updated: 1 y ago License: Proprietary (Proprietary)
3623Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
b
botnetsby maestron
This is a collection of #botnet source codes, unorganized. For EDUCATIONAL PURPOSES ONLY
C++ 2849Updated: 1 y ago
License: No License (No License)
2849Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
E
EasyHookby EasyHook
EasyHook - The reinvention of Windows API Hooking
C 2684Updated: 2 y ago License: Permissive (MIT)
2684Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
pe-sieveby hasherezade
Scans a given process. Recognizes and dumps a variety of potentially malicious implants (replaced/injected PEs, shellcodes, hooks, in-memory patches).
C++ 2489Updated: 1 y ago License: Permissive (BSD-2-Clause)
2489Updated: 1 y ago License: Permissive (BSD-2-Clause)Support
Quality
Security
License
Reuse
S
ScareCrowby optiv
ScareCrow - Payload creation framework designed around EDR bypass.
Go 2444Updated: 1 y ago License: No License (No License)
2444Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
o
owasp-modsecurity-crsby SpiderLabs
OWASP ModSecurity Core Rule Set (CRS) Project (Official Repository)
Perl 2394Updated: 1 y ago License: Permissive (Apache-2.0)
2394Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
s
sleuthkitby sleuthkit
The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.
C 2284Updated: 1 y ago License: No License (No License)
2284Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
R
ReflectiveDLLInjectionby stephenfewer
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
C 2244Updated: 1 y ago License: Permissive (BSD-3-Clause)
2244Updated: 1 y ago License: Permissive (BSD-3-Clause)Support
Quality
Security
License
Reuse
t
timesketchby google
Collaborative forensic timeline analysis
Python 2231Updated: 1 y ago License: Permissive (Apache-2.0)
2231Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
r
rpi-cloneby billw2
A shell script to clone a booted disk.
Shell 2209Updated: 2 y ago License: Permissive (BSD-3-Clause)
2209Updated: 2 y ago License: Permissive (BSD-3-Clause)Support
Quality
Security
License
Reuse
v
velociraptorby Velocidex
Digging Deeper....
Go 1947Updated: 1 y ago License: Proprietary (Proprietary)
1947Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
H
HUNTby bugcrowd
Python 1936Updated: 1 y ago License: Permissive (Apache-2.0)
1936Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
a
autopsyby sleuthkit
Autopsy® is a digital forensics platform and graphical interface to The Sleuth Kit® and other digital forensics tools. It can be used by law enforcement, military, and corporate examiners to investigate what happened on a computer. You can even use it to recover photos from your camera's memory card.
Java 1926Updated: 1 y ago License: No License (No License)
1926Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
a
awesome-nodejs-securityby lirantal
Awesome Node.js Security resources
JavaScript 1899Updated: 3 y ago License: No License (No License)
1899Updated: 3 y ago License: No License (No License)Support
Quality
Security
License
Reuse
n
nexfilby thewhiteh4t
OSINT tool for finding profiles by username
Python 1778Updated: 1 y ago License: Permissive (MIT)
1778Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
N
NodeGoatby OWASP
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
HTML 1732Updated: 1 y ago License: Permissive (Apache-2.0)
1732Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
W
WSLby MicrosoftDocs
Source code behind the Windows Subsystem for Linux documentation.
PowerShell 1686Updated: 1 y ago License: Proprietary (Proprietary)
1686Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
X
Support
Quality
Security
License
Reuse
c
corerulesetby coreruleset
OWASP ModSecurity Core Rule Set (Official Repository)
Python 1559Updated: 1 y ago License: Permissive (Apache-2.0)
1559Updated: 1 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
s
sciencehack.inby fossasia
Science Hack Day in India http://sciencehack.in
HTML 1510Updated: 2 y ago License: Permissive (MIT)
1510Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
p
plasoby log2timeline
Super timeline all the things
Python 1444Updated: 2 y ago License: Permissive (Apache-2.0)
1444Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
R
Support
Quality
Security
License
Reuse
P
PcapXrayby Srinivas11789
:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
Python 1415Updated: 2 y ago License: Strong Copyleft (GPL-2.0)
1415Updated: 2 y ago License: Strong Copyleft (GPL-2.0)Support
Quality
Security
License
Reuse
i
investigationsby AmnestyTech
Indicators from Amnesty International's investigations
Python 1409Updated: 2 y ago License: No License (No License)
1409Updated: 2 y ago License: No License (No License)Support
Quality
Security
License
Reuse
y
yetiby yeti-platform
Your Everyday Threat Intelligence
Python 1358Updated: 2 y ago License: Permissive (Apache-2.0)
1358Updated: 2 y ago License: Permissive (Apache-2.0)Support
Quality
Security
License
Reuse
a
adversarial-attacks-pytorchby Harry24k
PyTorch implementation of adversarial attacks.
Python 1337Updated: 1 y ago License: Permissive (MIT)
1337Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
D
Diamorphineby m0nad
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
C 1327Updated: 1 y ago License: Proprietary (Proprietary)
1327Updated: 1 y ago License: Proprietary (Proprietary)Support
Quality
Security
License
Reuse
P
PowerForensicsby Invoke-IR
PowerForensics provides an all in one platform for live disk forensic analysis
C# 1304Updated: 1 y ago License: Permissive (MIT)
1304Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
D
Dumpertby outflanknl
LSASS memory dumper using direct system calls and API unhooking.
C 1241Updated: 1 y ago License: No License (No License)
1241Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
b
beagleby yampelo
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
Python 1206Updated: 2 y ago License: Permissive (MIT)
1206Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
T
TotalRegistryby zodiacon
Total Registry - enhanced Registry editor/viewer
C++ 1102Updated: 1 y ago License: Permissive (MIT)
1102Updated: 1 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
c
Support
Quality
Security
License
Reuse
a
andrillerby den4uk
📱 Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
Python 1087Updated: 2 y ago License: Permissive (MIT)
1087Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
M
Mangleby optiv
Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs
Go 1015Updated: 2 y ago License: Permissive (MIT)
1015Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
I
InjectProcby secrary
InjectProc - Process Injection Techniques [This project is not maintained anymore]
C++ 954Updated: 3 y ago License: Strong Copyleft (GPL-3.0)
954Updated: 3 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
B
BokuLoaderby boku7
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
C 935Updated: 2 y ago License: Permissive (MIT)
935Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
D
Digital-Forensics-Guideby mikeroyal
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Python 935Updated: 1 y ago License: No License (No License)
935Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
v
vapiby roottusk
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
HTML 933Updated: 2 y ago License: Strong Copyleft (GPL-3.0)
933Updated: 2 y ago License: Strong Copyleft (GPL-3.0)Support
Quality
Security
License
Reuse
i
injdrvby wbenny
proof-of-concept Windows Driver for injecting DLL into user-mode processes using APC
C 929Updated: 2 y ago License: Permissive (MIT)
929Updated: 2 y ago License: Permissive (MIT)Support
Quality
Security
License
Reuse
w
whapaby B16f00t
WhatsApp Parser Toolset v1.59
Python 919Updated: 1 y ago License: No License (No License)
919Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse
w
www-project-top-tenby OWASP
OWASP Foundation Web Respository
HTML 913Updated: 1 y ago License: No License (No License)
913Updated: 1 y ago License: No License (No License)Support
Quality
Security
License
Reuse