Autoswagger by Intruder - detect API auth weaknesses

InSpec: Auditing and Testing Framework

IaC framework for k8s clusters

A cross platform tool to manage your Azure Service Bus instances

Check subdomains for subdomain takeovers and other DNS tomfoolery

Open-source Windows and Office activator featuring HWID, Ohook, TSforge, and Online KMS activation methods, along with advanced troubleshooting.

Permiso Security has created a tool to query snowflake environments for evidence of compromise, based on indicators from Permiso and the community.

CLI tool to automate docker image updates. Interactive or unattended with notifications, image backups, autoprune, no pre-pulling and more.

Minimalistic web frontend for OpenLDAP

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Reference implementation of OpenPubkey

This repository is a collection of powershell functions every hacker should know

The useful exploit finder

LLM powered fuzzing via OSS-Fuzz.

GitHub Actions runner images

The Internets #1 Subdomain Takeover Tool

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Multi-platform ACL generation system

REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

Repository for collaboration on monitor baselines for ALZ

Automatically load secrets from your preferred vault as environment variables or files, and clear them once your shell command is over.

A collection of BICEP/ARM templates that deploys on Azure a hub & spoke net topology aligned with Microsoft Enterprise scale landing zone ref architecture to use as playground for test and study. A…

Pentesting, made easy.

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

A tool for checking if MFA is enabled on multiple Microsoft Services

Terminal-based toolkit for GitHub data analysis.