Roo Code gives you a whole dev team of AI agents in your code editor.

pfSense/OPNsense + Elastic Stack

Work with remote images registries - retrieving information, images, signing content

A vulnerability scanner for container images and filesystems

Omnisci3nt – See What They’ve Tried to Hide Extract deep intelligence from any domain. From subdomains to SSL certs, archived secrets to exposed ports — Omnisci3nt gives you the full picture in sec…

OSINT tool to find breached emails, databases, pastes, and relevant information

Autoswagger by Intruder - detect API auth weaknesses

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!

Python tool to find potential Server Side Reqest Forgery (SSRF) vulnerability parameters.

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Go CLI and Library for quickly mapping organization network ranges using ASN information.

Collection of Cyber Threat Intelligence sources from the deep and dark web

AADInternals PowerShell module for administering Azure AD and Office 365

Display and control your Android device

CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Main Sigma Rule Repository

A lightweight toolkit for testing Web Application Firewall (WAF) effectiveness and identifying security gaps. This repository is available as a template that you can quickly customize for your own …

400 plus rules available. scan4secrets is a lightweight source code scanner that detects hardcoded secrets, API keys, credentials, and sensitive information across files and folders.

A comprehensive collection of resources, tools, tips, and guides for preparing and succeeding in the OSCP (Offensive Security Certified Professional) certification.

The Network Execution Tool

Security platform that protects your web application or SaaS from cyber fraud, account takeovers, spam, and abuse. Get started for free.

MISP Playbooks

A PowerShell script that attempts to help malware analysts hide their VMware Windows VM's from malware that may be trying to evade analysis.

Automated All-in-One OS Command Injection Exploitation Tool.

KQL Queries. Microsoft Defender, Microsoft Sentinel

Web Application Penetration Testing

Malicious traffic detection system

DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelligent domain name variations to assist in subdomain discove…

Rules shared by the community from 100 Days of YARA 2024