A collaborative note taking, wiki and documentation platform that scales. Built with Django and React.

Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.

OpenSSF Scorecard - Security health metrics for Open Source

Write tests against structured configuration data using the Open Policy Agent Rego query language

Official GitHub Action for OpenSSF Scorecard.

Adversary simulation and Red teaming platform with AI

Cloud Carbon Footprint is a tool to estimate energy use (kilowatt-hours) and carbon emissions (metric tons CO2e) from public cloud usage

ChopChop is a CLI to help developers scanning endpoints and identifying exposition of sensitive services/files/folders.

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters

An Active Defense and EDR software to empower Blue Teams

The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.

goSDL

Windows privilege escalation (enumeration) script designed with OSCP labs (legacy Windows) in mind

A curated list of awesome Security Hardening techniques for Windows.

Phishing Tool & Information Collector

secureCodeBox (SCB) - continuous secure delivery out of the box

PiPot (Micro Honeypot for RPi)

Modern Honey Network

Open-source vulnerability disclosure and bug bounty program database

Distributed alerting for the masses!

The Most Comprehensive Docker Security Scanner

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.