A list of cheat sheets for application security

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, …

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

The Single Sign-On Multi-Factor portal for web apps

secator - the pentester's swiss knife

Open-source dev tools for enterprise SSO. Ship SAML + SCIM support this afternoon.

Password protect a static HTML page, decrypted in-browser in JS with no dependency. No server logic needed.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

OpenSSF Scorecard - Security health metrics for Open Source

Find, verify, and analyze leaked credentials

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter

Unofficial Bitwarden compatible server written in Rust, formerly known as bitwarden_rs

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Community curated list of templates for the nuclei engine to find security vulnerabilities.

An open-source UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform with web UI supporting OAuth 2.0, OIDC, SAML, CAS, LDAP, SCIM, WebAuthn, TOTP, MFA, Face ID, RADIUS, Goo…

Python-based Hashcat wrapper for easy decryption.

A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.

Open-source Auth0/Clerk alternative

🕵️‍♂️ All-in-one OSINT tool for analysing any website