An evolving how-to guide for securing a Linux server.

Unbound is a validating, recursive, and caching DNS resolver.

A collection of servers which are deliberately vulnerable to learn Pentesting MCP Servers.

A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.

Tmux plugin for copying to system clipboard. Works on OSX, Linux and Cygwin.

copy pasting in terminal with vimium/vimperator like hints.

Collection of online security resources

Spartacus DLL/COM Hijacking Toolkit

Retrieves exported functions from a legitimate DLL and generates a proxy DLL source code/template for DLL proxy loading or sideloading

Domain Password Audit Tool for Pentesters

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Go Optimization Guide: Patterns and Techniques for Writing High-Performance Applications with Go

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

CLI tool that will automate Pentesting for the most common vulnerabilties on a website. For anyone intereted in grayhats come join my discord

TCP/IP packet demultiplexer. Download from:

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

A wordlist framework to fullfill your kinks with your wordlists. For security researchers, bug bounty and hackers.

A collaborative, multi-platform, red teaming framework

↕️🤫 Stealth redirector for your red team operation security

The FLARE team's open-source tool to identify capabilities in executable files.

Fast GitHub recon tool. Scans for leaked secrets across all of GitHub, not just known repos and orgs. Support for GitHub dorks.

Tool to enumerate privileged Scheduled Tasks on Remote Systems

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev

Cmd.exe Command Obfuscation Generator & Detection Test Harness

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.