Stars
An SSHCA that uses a standard Yubikey to issue new host and user certificates.
Watches for trigger packets, runs commands or spawns a shell
Provide a shell like interface by utilizing osquery's distributed API
The best-in-class HTTP Debugger for macOS. Capture HTTP/HTTPS from macOS, iOS, Android with a few clicks ✅
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
domain name/brand infringement detector. pulls newly registered domains daily, searches variations of your company domain names and alerts on typo squatters/phishing domains.
checks site content against known good ssdeep hash, identifies matches
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
StreamAlert is a serverless, realtime data analysis framework which empowers you to ingest, analyze, and alert on data from any environment, using datasources and alerting logic you define.
A collection of various awesome lists for hackers, pentesters and security researchers
A collection of small bash scripts for heavy terminal users
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
A pure Unix shell script ACME client for SSL / TLS certificate automation
Find, verify, and analyze leaked credentials
Some setup scripts for security research tools.
Community guide to securing and improving privacy on macOS.
match command-line arguments to their help text
Enabling 2fac confirmation for newly connected USB devices
Vagrant Box that will deploy a bare ubuntu box (vmware or virtualbox) and install MSF on top.
Platform to host Capture the Flag competitions
A collection of PHP backdoors. For educational or testing purposes only.