SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

MISP (core software) - Open Source Threat Intelligence and Sharing Platform

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Automate the creation of a lab environment complete with security tooling and logging best practices

Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.

Security automation content in SCAP, Bash, Ansible, and other formats

OSINT cheat sheet, list OSINT tools, wiki, dataset, article, book , red team OSINT for hackers and OSINT tips and OSINT branch. This repository will grow every time will research, there is a research, science and technology, tutorial. Please use it wisely.

iOS/macOS/Linux Remote Administration Tool

Hardening Ubuntu. Systemd edition.

Macro-header for compile-time C obfuscation (tcc, win x86/x64)

Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

Подробная инструкция (как в pdf, так и в md формате) о настройке своего совбственного Xray-VPS-сервера (с протоколом VLESS XTLS-Reality через панель 3x-ui), а также настройке клиентских приложений (ПК и телефон)

API Security Project aims to present unique attack & defense methods in API Security field

Automatic SSTI detection tool with interactive interface

Subdomain enumeration tool

AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project

Most usable tools for iOS penetration testing

My curated list of awesome links, resources and tools on infosec related topics

Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.

APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.

Unofficial DedSec Project GitHub Repository

AIL framework - Analysis Information Leak framework

A repository for using osquery for incident detection and response

A concise, directive, specific, flexible, and free incident response plan template

Lookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.

The web management platform of honeypot

A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.

BlueToolkit is an extensible Bluetooth Classic vulnerability testing framework that helps uncover new and old vulnerabilities in Bluetooth-enabled devices. Could be used in the vulnerability research, penetration testing and bluetooth hacking. We also collected and classified Bluetooth vulnerabilities in an "Awesome Bluetooth Security" way