A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Find, verify, and analyze leaked credentials

Application Kernel for Containers

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Work with remote images registries - retrieving information, images, signing content

Reconnaissance tool for GitHub organizations

syzkaller is an unsupervised coverage-guided kernel fuzzer

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start

SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across …

Flowpipe is a cloud scripting engine. Automation and workflow to connect your clouds to the people, systems and data that matters.

🐸 Scans your Git repository with JFrog Xray for security vulnerabilities. 🤖

A web honeypot library to create vulnerable-looking endpoints to detect and mislead attackers

A repository of reports of malicious packages identified in Open Source package repositories, consumable via the Open Source Vulnerability (OSV) format.

Octoscan is a static vulnerability scanner for GitHub action workflows.

KubeClarity is a tool for detection and management of Software Bill Of Materials (SBOM) and vulnerabilities of container images and filesystems