Repositories list

• PEASS-ng

  Public
  PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

  C#

  •

  Other

  •3.2k•0•0•0•Updated Sep 5, 2024Sep 5, 2024

• prowler

  Public
  Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

  Python

  •

  Apache License 2.0

  •1.7k•0•0•0•Updated Jun 5, 2024Jun 5, 2024

• k8s-hardening

  Public
  Secure your Kubernetes cluster with the most good practices from CIS in a automated way using Ansible.

  dockerkubernetesansible+ 3vagrantk8scis-benchmarks

  Shell

  •

  MIT License

  •1•1•0•0•Updated May 25, 2024May 25, 2024

• modelscan

  Public
  Protection against Model Serialization Attacks

  Python

  •

  Apache License 2.0

  •87•0•0•0•Updated Jan 13, 2024Jan 13, 2024

• bettercap

  Public
  The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.

  Go

  •

  Other

  •1.5k•0•0•0•Updated Jan 7, 2024Jan 7, 2024

• mimikatz

  Public
  A little tool to play with Windows security

  C

  •3.8k•0•0•0•Updated Jan 5, 2024Jan 5, 2024

• mutillidae

  Public
  OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.

  PHP

  •

  GNU General Public License v3.0

  •445•0•0•0•Updated Jan 1, 2024Jan 1, 2024

• WebGoat

  Public
  WebGoat is a deliberately insecure application

  JavaScript

  •

  Other

  •6.2k•0•0•0•Updated Dec 29, 2023Dec 29, 2023

• social-engineer-toolkit

  Public
  The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

  Python

  •2.9k•0•0•0•Updated Dec 21, 2023Dec 21, 2023

• kube-bench

  Public
  Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

  Go

  •

  Apache License 2.0

  •1.3k•0•0•0•Updated Dec 21, 2023Dec 21, 2023

• windows_hardening

  Public
  HardeningKitty and Windows Hardening settings and configurations

  PowerShell

  •

  MIT License

  •325•0•0•0•Updated Dec 20, 2023Dec 20, 2023

• kube-goat

  Public
  A deliberately vulnerable Kubernetes cluster

  Shell

  •39•0•0•0•Updated Dec 15, 2023Dec 15, 2023

• HardeningKitty

  Public
  HardeningKitty - Checks and hardens your Windows configuration

  PowerShell

  •

  MIT License

  •179•0•0•0•Updated Dec 4, 2023Dec 4, 2023

• OSCP-Exam-Report-Template-Markdown

  Public
  📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

  Ruby

  •

  MIT License

  •770•0•0•0•Updated Nov 19, 2023Nov 19, 2023

• Havoc

  Public
  The Havoc Framework.

  Go

  •

  GNU General Public License v3.0

  •1k•0•0•0•Updated Nov 16, 2023Nov 16, 2023

• XSStrike

  Public
  Most advanced XSS scanner.

  Python

  •

  GNU General Public License v3.0

  •2k•0•0•0•Updated Nov 10, 2023Nov 10, 2023

• atomic-red-team

  Public
  Small and highly portable detection tests based on MITRE's ATT&CK.

  C

  •

  MIT License

  •2.9k•0•0•0•Updated Nov 9, 2023Nov 9, 2023

• brownie

  Public
  A Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine.

  Python

  •

  MIT License

  •575•0•0•0•Updated Nov 8, 2023Nov 8, 2023

• public-pentesting-reports

  Public
  A list of public penetration test reports published by several consulting firms and academic security groups.

  CSS

  •2k•0•0•0•Updated Nov 3, 2023Nov 3, 2023

• SecLists

  Public
  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  PHP

  •

  MIT License

  •24k•0•0•0•Updated Oct 17, 2023Oct 17, 2023

• IoTSecurity101

  Public
  A Curated list of IoT Security Resources

  MIT License

  •504•0•0•0•Updated Oct 4, 2023Oct 4, 2023

• DependencyCheck

  Public
  OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

  Java

  •

  Apache License 2.0

  •1.3k•0•0•0•Updated Sep 11, 2023Sep 11, 2023

• CrackMapExec

  Public
  A swiss army knife for pentesting networks

  Python

  •

  BSD 2-Clause "Simplified" License

  •1.7k•0•0•0•Updated Sep 9, 2023Sep 9, 2023

• binwalk

  Public
  Firmware Analysis Tool

  Python

  •

  MIT License

  •1.6k•0•0•0•Updated Aug 23, 2023Aug 23, 2023

• picklescan

  Public
  Security scanner detecting Python Pickle files performing suspicious actions

  Python

  •

  MIT License

  •32•0•0•0•Updated Aug 4, 2023Aug 4, 2023

• theHarvester

  Public
  E-mails, subdomains and names Harvester - OSINT

  Python

  •2.1k•0•0•0•Updated Jul 31, 2023Jul 31, 2023

• Snaike-Kubeflow

  Public
  Scanner and exploit tool for Kubeflow versions <=1.7.0

  Python

  •

  Apache License 2.0

  •0•0•0•0•Updated Jul 28, 2023Jul 28, 2023

• ligolo-ng

  Public
  An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

  Go

  •

  GNU General Public License v3.0

  •329•0•0•0•Updated Jul 26, 2023Jul 26, 2023

• Snaike-MLflow

  Public
  MLflow red team toolsuite

  Python

  •

  Apache License 2.0

  •2•0•0•0•Updated Jun 15, 2023Jun 15, 2023

• EvilCrow-RF

  Public
  Evil Crow RF device.

  C++

  •

  Creative Commons Attribution 4.0 International

  •77•0•0•0•Updated Jun 13, 2023Jun 13, 2023