ShellCheck, a static analysis tool for shell scripts

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

latest version of scanners for IIS short filename (8.3) disclosure vulnerability

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Chat with LLM in your terminal, be it shell generator, story teller, linux-terminal, etc.

fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

🪲 Portable log aggregation tool for middle-scale system operation/troubleshooting.

nodejsscan is a static security code scanner for Node.js applications.

🐶 Automated code review tool integrated with any code analysis tools regardless of programming language

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Bash command line framework and CLI generator

Rockyou for web fuzzing

OWASP Joomla Vulnerability Scanner Project https://www.secologist.com/

Proof of Concept for Path Traversal in Apache Struts ("CVE-2023-50164")

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Getting a handle on container security

DotDotPwn - The Directory Traversal Fuzzer

OWASP API Security Project

OSCP Cheat Sheet

Hacktoberfest OPEN FIRST Pull Request 🎉

Most advanced XSS scanner.

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

A swiss army knife for pentesting networks

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

CORS Misconfiguration Scanner

A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.

A collection of tools to perform searches on GitHub.

A tool to link a domain with registered organisation names and emails, to other domains.

A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF