Generate malicious URL blocklists for DNSBL applications like pfBlockerNG or Pi-hole by scanning various public URL sources using the Safe Browsing API from Google and/or Yandex.

Devika is an Agentic AI Software Engineer that can understand high-level human instructions, break them down into steps, research relevant information, and write code to achieve the given objective…

IOC's from the Uptycs Threat Research Blogs

Standalone utility for service discovery on open ports!

Telegram Monitor

raw html extractor from Hurricane Electric portal

game of active directory

♠️ Noir is an attack surface detector form source code.

Challenge repository for the 2023 CSAW CTF Qualifiers

All-in-One malware analysis tool.

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident resp…

This tool was open sourced as part of JARM Randomizer: Evading JARM Fingerprinting for HiTB Amsterdam 2021.

CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete re…

APIKit：Discovery, Scan and Audit APIs Toolkit All In One.

Building an Automated Perimeter Scanning System with Open Source Tools - NMAP, IVRE and Netbox

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

GPS is a scanning platform that learns and predicts the location of IPv4 services across all 65K ports.

Python driver for Wappalyzer, a web application detection utility.

LZR quickly detects and fingerprints unexpected services running on unexpected ports.

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

Platform that collects TLS certificates from active scans and certificate transparency logs and allows modules to perform analysis and provide tags.

A repository for possible zgrab2 configurations

RedEye is a visual analytic tool supporting Red & Blue Team operations

ICS security resources

Collection of methodology and test case for various web vulnerabilities.

The Havoc Framework

A Python tool for converting and updating CVE data from NVD to mongodb. This is also a back-end tool for the CVEData.com site which is an alternative for the CVEDetails.com.

This is a beginner's Tamarin Guide which is not meant to be exhaustive. For a comprehensive explanation of Tamarin, please refer to the official manual on https://tamarin-prover.github.io.