The official Python library for Shodan

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

Open Source Identity and Access Management For Modern Applications and Services

WebGoat is a deliberately insecure application

secator - the pentester's swiss knife

A plugin-based scanner that aids security researchers in identifying issues with several CMSs, mainly Drupal & Silverstripe.

Real-world infosec wordlists, updated regularly

🍍 SeaSponge is an accessible threat modelling tool from Mozilla

sophisticated command line file transfer program (ftp, http, sftp, fish, torrent)

Awesome apps, software, and SaaS deals on Black Friday.

All the deals for InfoSec related software/tools this Black Friday

All the deals for InfoSec related software/tools this Black Friday

Red Team Rust (Maldev)

Portable Executable reversing tool with a friendly GUI

Official docs, website, and handbook for PostHog.

The Simple Agent Development Kit.

A secure low code honeypot framework, leveraging AI for System Virtualization.

Powershell tool to automate Active Directory enumeration.

Dumping DPAPI credz remotely

Advanced Domain Controller attack and credential analysis tool leveraging DonPAPI database

Bitor Scanning Software

ODAT: Oracle Database Attacking Tool

Python Library for interfacing into Tenable's platform APIs

Vulnerability Compliance Report Tool used to parse Nessus files into html reports created by SynerComm, Inc.

BEERUS Framework for Android

SMBMap is a handy SMB enumeration tool

Secrets Find0r is a multithreaded SMB share crawler that hunts for exposed credentials and secrets across Windows networks. It enumerates shares, recursively scans files with regex/keyword rules, h…

AI agent for autonomous cyber operations

A Workflow Engine for Offensive Security