continuous fuzzing for open source software.
Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found thousands of security vulnerabilities and stability bugs by deploying guided in-process fuzzing of Chrome components, and we now want to share that service with the open source community.
This project aims at hosting tutorials, examples, discussions, research proposals, and other resources related to fuzzing.
Fuzz testing is a well-known technique for uncovering programming errors in software. Many of these detectable errors, like buffer overflow, can have serious security implications. Google has found thousands of security vulnerabilities and stability bugs by deploying guided in-process fuzzing of Chrome components, and we now want to share that service with the open source community.
OpenVEX is an implementation of the Vulnerability Exploitability Exchange (VEX for short) that is designed to be minimal, compliant, interoperable, and embeddable. The specification is available in the OPENVEX-SPEC.md file of this repository.
This project is aimed at providing technical guides on various hacking tools.
Keep in mind that these guides are maintained by non-omniscient security enthusiasts in their spare time. You will probably find things missing or mistakes.
This project is aimed at providing technical guides on various hacking topics.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics. These cheat sheets were created by various application security professionals who have expertise in specific topics.
Single-file PHP shell.
p0wny@shell:~# is a very basic, single-file, PHP shell. It can be used to quickly execute commands on a server when pentesting a PHP application. Use it with caution: this script represents a security risk for the server.
Get organizations to delete your account or provide a copy of your personal information.
Many organizations collect and sell your personal data, often without your consent. Use this free service to send them a data deletion or access request.
Strengthen the security posture of your source-code management!
Detect and remediate misconfigurations, security and compliance issues across all your GitHub and GitLab assets with ease.
Powershell module for VMWare vSphere forensics.
The DFIR4vSphere PowerShell module collects logs and forensics artefacts on both ESXi hosts and the vCenter console.
Nikto web server scanner
Expose your services easily and securely.
This project comes as a pre-built docker image that enables you to easily forward to your websites running at home or otherwise, including free SSL, without having to know too much about Nginx or Letsencrypt.
Nginx Proxy Manager @ GitHub.
An auditing tool for detecting vulnerabilities, powered by advisory databases that follow the OSV specification.
MySafeIp is a web app acting as a trusted IP source for firewalls.
With it, I don't have to open my own services (Nextcloud, bitwarden, etc...) worldwilde. Just me, my family and friends can use those services easily. Family and friends don't even need an account to mysafeip with instant link feature.
Fully featured and community-driven hacking environment.
Exegol is a community-driven hacking environment, powerful and yet simple enough to be used by anyone in day to day engagements. Exegol is the best solution to deploy powerful hacking environments securely, easily, professionally. Exegol fits pentesters, CTF players, bug bounty hunters, researchers, beginners and advanced users, defenders, from stylish macOS users and corporate Windows pros to UNIX-like power users.
Curated lists of tools, tips and resources for protecting digital security and privacy
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
bettercap is a powerful, easily extensible and portable framework written in Go which aims to offer to security researchers, red teamers and reverse engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking WiFi networks, Bluetooth Low Energy devices, wireless HID devices and Ethernet networks.
The Data Platform for the Hybrid World.
The Unifier Security and Observability Platform.
A data platform built for expansive data access, powerful analytics and automation
Free Open source disk encryption with strong security for the Paranoid.
VeraCrypt is a free open source disk encryption software for Windows, Mac OSX and Linux.
Vulnerability scanner written in Go which uses the data provided by https://osv.dev.
Use OSV-Scanner to find existing vulnerabilities affecting your project's dependencies.
OSV-Scanner provides an officially supported frontend to the OSV database that connects a project’s list of dependencies with the vulnerabilities that affect them.