Highlights
- Pro
Stars
Cybersecurity AI (CAI), the framework for AI Security
AI agent for autonomous cyber operations
Collection of Jupyter Lab notebooks to help learn Generative AI
LLM-Powered Code Security Scanning
PaaS Cloud Goat is a simulated vulnerable Salesforce application providing hands-on experience with penetration testing of custom Salesforce applications.
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps C…
All-in-one AI automation platform (workflows, agents, cases, tables) for security, IT, and infra teams.
A curated list of GPT agents for cybersecurity
Configuration Management (CM) Security Playground. A small enterprise security lab to practice automation + CM tooling like Ansible, Chef, Puppet, SaltStack, DSCv2, DSCv3.
Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log ag…
Awesome List of Enterprise Security Tools' Community Edition
😎 Awesome lists about all kinds of interesting topics
An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built for IaC stability, consistency, and speed.
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
The definitive Web UI for local AI, with powerful features and easy setup.
DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation of repeatable detection samples in the cloud. Built on Google…
Extract URLs, paths, secrets, and other interesting bits from JavaScript
A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.
Determine privileges from cloud credentials via brute-force testing.
BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse entities and configurable, traversable attack paths.
A guidance language for controlling large language models.
Public repository to provide guidance and examples for people to start learning IaC. This repository also contains some open-hack style labs and labs used in Microsoft workshops.
AutoGPT is the vision of accessible AI for everyone, to use and to build on. Our mission is to provide the tools, so that you can focus on what matters.