Links
AddThe penetration testing execution standard consists of seven (7) main sections.
These cover everything related to a penetration test - from the initial communication and reasoning behind a pentest, through the intelligence gathering and threat modeling phases where testers are working behind the scenes in order to get a better understanding of the tested organization, through vulnerability research, exploitation and post exploitation, where the technical security expertise of the testers come to play and combine with the business understanding of the engagement, and finally to the reporting, which captures the entire process, in a manner that makes sense to the customer and provides the most value to it.
Tools to support cloud guardrails implementation and compliance checks for Microsoft Azure.
Official Black Hat Arsenal Security Tools Repository.
Black Hat Arsenal Security Tools @ GitHub: This github account maps to the Black Hat Arsenal tools since its inception in 2011. For readibility, the tools are classified by category and not by session.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
Open source clones of popular sites.
100+ open-source clones and alternatives of popular sites like Airbnb, Amazon, Instagram, Netflix, Tiktok, Spotify, Whatsapp, Youtube, etc. List contains source code, tutorials, demo links, tech stack, and GitHub stars count. Great for learning purpose!
General Architecture for Text Engineering.
GATE is an open source software toolkit capable of solving almost any text processing problem.
Unstructured Information Management applications are software systems that analyze large volumes of unstructured information in order to discover knowledge that is relevant to an end user. An example UIM application might ingest plain text and identify entities, such as persons, places, organizations; or relations, such as works-for or located-at.
UIMA enables applications to be decomposed into components, for example "language identification" => "language specific segmentation" => "sentence boundary detection" => "entity detection (person/place names etc.)".
Minimalistic New Tab Page CLI Tool with a greeting, date and time, inspirational quotes and your personal tasks and to-do list
Telehealth Open Source software. Simple & Secure remote consultations solution.
golang TUI music player.
Gomu is intuitive, powerful CLI music player. It has embedded scripting language and event hook to enable user to customize their config extensively.
Folium builds on the data wrangling strengths of the Python ecosystem and the mapping strengths of the Leaflet.js library. Manipulate your data in Python, then visualize it in a Leaflet map via Folium.
Security auditing tool for Linux, macOS, and Unix-based systems.
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007.
FIRST is the premier organization and recognized global leader in incident response. Membership in FIRST enables incident response teams to more effectively respond to security incidents - reactive as well as proactive.
FIRST brings together a variety of computer security incident response teams from government, commercial, and educational organizations. FIRST aims to foster cooperation and coordination in incident prevention, to stimulate rapid reaction to incidents, and to promote information sharing among members and the community at large.
CLI tool that can execute SQL queries on CSV, LTSV, JSON and TBLN. Can output to various formats.
Protect your business, scale your security. Open Source Vulnerability Management Platform.
Security has two difficult tasks: designing smart ways of getting new information, and keeping track of findings to improve remediation efforts. With Faraday, you may focus on discovering vulnerabilities while we help you with the rest. Just use it in your terminal and get your work organized on the run. Faraday was made to let you take advantage of the available tools in the community in a truly multiuser way.
Faraday aggregates and normalizes the data you load, allowing exploring it into different visualizations that are useful to managers and analysts alike.
This is a PHP implementation of the Money pattern.
This library intends to provide tools for storing and using monetary values in an easy, yet powerful way.
Free and Open-Source CalDAV and CardDAV Server.
Radicale is a small but powerful CalDAV (calendars, to-do lists) and CardDAV (contacts) server.
Create animated GIFs from a screen recording. Capture your screen to a GIF in your browser.
Client-side only, no data is uploaded. Modern browser required.
Dolt is Git for data. The world's first and only version-controlled SQL database.
Dolt is a SQL database that you can fork, clone, branch, merge, push and pull just like a Git repository.
Connect to Dolt just like any MySQL database to read or modify schema and data. Version control functionality is exposed in SQL via system tables, functions, and procedures.
Related contents:
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Related contents:
The World Factbook provides basic intelligence on the history, people, government, economy, energy, geography, environment, communications, transportation, military, terrorism, and transnational issues for 266 world entities.
This new edition depicts 529 cable systems and 1,444 landings that are currently active or under construction.
180K+ open source icons.
Download, Customize, Edit and Personalize.Over 180k+ open source icons.
All-in-One malware analysis tool.
All-in-One malware analysis tool for analyze many file types, from Windows binaries to E-Mail files.
Cascading donations to github repositories. Support open-source projects with donations in crypto, and they will automatically forward a part of your donation to other open-source projects that made them possible.
A mini-game about pop ups, and the deviousness of websites and apps
EVIL CORP wants your data. It will use every trick in the book (and a few more, just for fun).
Step into the shadowy world of deceptive design and learn how online businesses exploit consumers through manipulative tricks and traps.
Before you settle on basing design decisions on a handful of strict breakpoints, make sure you consider the vast fragmentation of screen sizes and browser viewports.
A PHP code-quality tool.
When somebody commits changes, GrumPHP will run some tests on the committed code. If the tests fail, you won't be able to commit your changes. This handy tool will not only improve your codebase, it will also teach your co-workers to write better code following the best practices you've determined as a team.
Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to support distribution across multiple physical servers similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V.
Related contents:
An Instant Virtual Network on Your Laptop (or Other PC).
Mininet creates a realistic virtual network, running real kernel, switch and application code, on a single machine (VM, cloud or native), in seconds, with a single command.
Programming Protocol-independent Packet Processors (P4) is a domain-specific language for network devices, specifying how data plane devices (switches, NICs, routers, filters, etc.) process packets.
Collaboratively transforming network infrastructure by leveraging: Open Source Software, Cloud-Native and SDN Technologies, Disaggregation and White Box Hardware.
A Gradio web UI for Large Language Models. Supports transformers, GPTQ, llama.cpp (GGUF), Llama models.
The powerful and easiest way to run File Upload/sharing Service on your website. Trusted by thousands of webmasters since 2007.
Open Federation is a community-driven open source initiative to create and maintain a specification for federated GraphQL APIs. Be part of the future; let's craft together.
A community-driven source of knowledge for Language Server Index Format implementations
LSIF.dev is a community-driven site, maintained by Sourcegraph, to track development progress of LSIF indexers. Join our Discord.
A very small, very simple, yet very secure encryption tool.
Picocrypt is a very small (hence Pico), very simple, yet very secure encryption tool that you can use to protect your files. It's designed to be the go-to tool for encryption, with a focus on security, simplicity, and reliability. Picocrypt uses the secure XChaCha20 cipher and the Argon2id key derivation function to provide a high level of security, even from three-letter agencies like the NSA. Your privacy and security is under attack. Take it back with confidence by protecting your files with Picocrypt.
AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker.
It creates a database from the regular expression rules that it finds from the config file(s). Once this database is initialized it can be used to verify the integrity of the files. It has several message digest algorithms (see below) that are used to check the integrity of the file. All of the usual file attributes can also be checked for inconsistencies. It can read databases from older or newer versions. See the manual pages within the distribution for further info.
Kubernetes-native CI/CD building blocks.
Tekton is a powerful yet flexible Kubernetes-native open source framework for creating continuous integration and delivery (CI/CD) systems. It lets you build, test, and deploy across multiple cloud providers or on-premises systems by abstracting away the underlying implementation details.
Track your components
Luro is a no-code solution to track component usage, adoption, and success across your entire product.
A framework for managing and maintaining multi-language pre-commit hooks.
Git hook scripts are useful for identifying simple issues before submission to code review. We run our hooks on every commit to automatically point out issues in code such as missing semicolons, trailing whitespace, and debug statements. By pointing these issues out before code review, this allows a code reviewer to focus on the architecture of a change while not wasting time with trivial style nitpicks.
Laravel, PHP and JS Error Tracking. Track all your PHP and JavaScript errors in one place.
Get your resource requests "Just Right".
Goldilocks is a utility that can help you identify a starting point for resource requests and limits.
By using the kubernetes vertical-pod-autoscaler in recommendation mode, we can see a suggestion for resource requests on each of our apps. This tool creates a VPA for each workload in a namespace and then queries them for information.
The community dedicated to learning hardware. Hackster is a community dedicated to learning hardware, from beginner to pro.
Identity, Policy, Audit.
Manage Linux users and client hosts in your realm from one central location with CLI, Web UI or RPC access. Enable Single Sign On authentication for all your systems, services and applications.
Related contents:
An editor that converts images to pixel art, add dither, set palettes, and more! Made entirely in p5js.
Slideshow companion.
Write your talk/presentation in a simplified language (SliDeskFormat), generate it and visualize it in Web.
SliDesk is a new talk engine like RevealJS developped with Bun.
iOS framework for making Turbo native apps.
Build high-fidelity hybrid apps with native navigation and a single shared web view. Turbo Native for iOS provides the tooling to wrap your Turbo 7-enabled web app in a native iOS shell. It manages a single WKWebView instance across multiple view controllers, giving you native navigation UI with all the client-side performance benefits of Turbo.
The speed of a single-page web application without having to write any JavaScript.
Turbo uses complementary techniques to dramatically reduce the amount of custom JavaScript that most web applications will need to write.
At LinkedIn, we are using this curriculum for onboarding our entry-level talents into the SRE role.
Site Reliability Engineers (SREs) sits at the intersection of software engineering and systems engineering. While there are potentially infinite permutations and combinations of how infrastructure and software components can be put together to achieve an objective, focusing on foundational skills allows SREs to work with complex systems and software, regardless of whether these systems are proprietary, 3rd party, open systems, run on cloud/on-prem infrastructure, etc. Particularly important is to gain a deep understanding of how these areas of systems and infrastructure relate to each other and interact with each other. The combination of software and systems engineering skills is rare and is generally built over time with exposure to a wide variety of infrastructure, systems, and software.
Challenges & docs from JS Algorithms & Data Structures course.
This is the sandbox for my 70+ JS Challenges: Data Structures & Algorithms Course. Just about all of the concepts that are included, also exist in other languages. So, if you are not a JavaScript developer, you can still follow along and learn from this course/repo.
A micro-animations library.
Animated icons in Lottie Framework for immediate implementation to your apps or websites.