security
Fearless Kubernetes App Updates. Check your Kubernetes manifests before they hit the cluster.
kubechecks allows users of Github and Gitlab to see exactly what their changes will affect on their current ArgoCD deployments, as well as automatically run various conformance test suites prior to merge.
A safer way to run remote scripts.
Stop blindly piping to bash. vet lets you inspect remote scripts for changes, run them through a linter, and require your explicit approval before they can execute.
vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versions, and lint remote scripts before asking for your explicit approval to execute. Promoting a safer, more transparent way to handle remote code execution.
Kingfisher is a blazingly fast secret‑scanning and validation tool built in Rust. It combines Intel’s hardware‑accelerated Hyperscan regex engine with language‑aware parsing via Tree‑Sitter, and ships with hundreds of built‑in rules to detect, validate, and triage secrets before they ever reach production.
Don't hit the south wall, don't turn back. An industry-leading free, high-performance, AI and semantic technology web application and API security protection product.
UUSEC WAF Web Application Firewall is an industrial grade free, high-performance, and highly scalable web application and API security protection product that supports AI and semantic engines. It is a comprehensive website protection product launched by UUSEC Technology, which first realizes the three-layer defense function of traffic layer, system layer, and runtime layer.
Login screen for your apps. The simplest way to protect your apps with a login screen.
Tinyauth is a simple authentication middleware that adds a simple login screen or OAuth with Google, Github and any provider to all of your docker apps. It supports all the popular proxies like Traefik, Nginx and Caddy.
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management.
OWASP Nettacker project was created to automate information gathering, vulnerability scanning and in general to aid penetration testing engagements. Nettacker is able to run various scans using a variety of methods and generate scan reports (in HTML/TXT/JSON/CSV format) for applications and networks, including discovering open ports, services, bugs, vulnerabilities, misconfigurations, default credentials, subdomains, etc. Nettacker can be run as a command-line utility (including running as a Docker container), API, Web GUI mode or as Maltego transforms.
Interactive security awareness game simulating a retro Windows 95 environment to teach users about online scams and phishing attacks. 🏆 Hackaburg 2025 Winner.
Doors95 is an interactive browser game built to teach users about dangers they can encounter while doing (daily) tasks on a computer. You are placed onto a simulated computer desktop inspired by Windows 95 and are guided through the different missions by our AI assistant Skippy. The main objective is to complete the task at hand without getting infected with viruses.
SpeculationControl is a PowerShell script that summarizes the state of configurable Windows mitigations for various speculative execution side channel vulnerabilities, such as CVE-2017-5715 (Spectre variant 2) and CVE-2017-5754 (Meltdown).
zizmor is a static analysis tool for GitHub Actions. It can find many common security issues in typical GitHub Actions CI/CD setups.
Malware sample exchange.
MalwareBazaar is a platform from abuse.ch and Spamhaus, dedicated to sharing malware samples with the infosec community, antivirus vendors, and threat intelligence providers. Upload malware samples and explore the database for valuable intelligence. Set alerts to track newly observed malware, use APIs to seamlessly push or pull signals, and automate bulk queries.
Agentless Vulnerability Scanner for Linux/FreeBSD.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices.
Safer python package installs with audit and consent before install.
Pipask is a drop-in replacement for pip that performs security checks before installing a package. Unlike pip, which needs to download and execute code from a source distribution first to get dependency metadata, pipask relies on metadata from PyPI whenever possible. If third-party code execution is necessary, pipask asks for consent first. The actual installation is handed over to pip if installation is approved.
Harden Windows Safely and Securely using officially supported Microsoft methods with proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and guides for Personal, Enterprise, Government and Military security levels
Own Your IAM with a Perpetual License. Open source alternative to Auth0 / Firebase Auth.
Authgear is an open-source extensible turnkey solution for all of your consumer authentication needs. Authgear gets you started in 5 minutes with developer-friendly SDKs and a comprehensive portal.
Generate a MITRE ATT&CK Navigator based on a list of CVEs. Database with CVE, CWE, CAPEC, and MITRE ATT&CK Techniques data is updated daily.
The CVE Foundation has been formally established to ensure the long-term viability, stability, and independence of the Common Vulnerabilities and Exposures (CVE) Program, a critical pillar of the global cybersecurity infrastructure for 25 years.
As per the NIS2 Directive, ENISA is mandated to develop and maintain the European vulnerability database.
Access to reliable and timely information about vulnerabilities affecting Information and Communication Technology (ICT) products and services contributes to an enhanced cybersecurity risk management. Sources of publicly available information about vulnerabilities are an important tool for users of these services, competent authorities, and the broader cybersecurity community. ENISA has established a European Vulnerability Database (EUVD) where entities, regardless of whether they fall within the scope of the NIS2 Directive, and their suppliers of network and information systems, as well as competent authorities, most notably CSIRTs, can voluntarily disclose and register publicly known vulnerabilities to allow users to take appropriate mitigating measures.
Cloud native secrets management for developers - never leave your command line for secrets.
Never leave your terminal to use secrets while developing, testing, and building your apps.
Instead of custom scripts, tokens in your .zshrc files, visible EXPORTs in your bash history, misplaced .env.production files and more around your workstation -- just use teller and connect it to any vault, key store, or cloud service you like (Teller supports Hashicorp Vault, AWS Secrets Manager, Google Secret Manager, and many more).
Security scanner for MCP servers
MCP-Shield scans your installed MCP (Model Context Protocol) servers and detects vulnerabilities like tool poisoning attacks, exfiltration channels and cross-origin escalations.
Honeypot servers with an integrated threat feed.
Deceptifeed is a honeypot and threat feed server. It runs multiple deceptive network services (honeypots), while the threat feed lists IP addresses that have interacted with the honeypots. Additionally, Deceptifeed provides real-time visibility into honeypot activity, allowing you to monitor logs and interactions as they occur.
DNS Measurement, Troubleshooting and Security Auditing Toolset.
Ever wondered whether your ISP is hijacking your DNS traffic? Ever observed misbehavior in your DNS responses? Ever been redirected to the wrong address and suspected something is wrong with your DNS? Here we have a set of tools to perform basic audits on your DNS requests and responses to make sure your DNS is working as you expect.
Fix Inventory is an open-source cloud asset inventory tool for infrastructure and security engineers.
Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.
Fix Inventory enables a broad set of exploration and automation scenarios. Its foundation is a graph-based data model, which exposes resource metadata and dependency relationships between your service's assets.
A powerful CLI allows you to search, explore, and manage your cloud resources.
PhishTool gives human analysts the power to reverse engineer phishing emails, to better defend against them. PhishTool is to phishing emails as a disassembler is to malware or a forensic toolkit is to file systems.
The last bastion
Secure access to your internal SSH, HTTPS, MySQL and Postgres servers with SSO and RBAC.
A framework for securing software update systems.
The Update Framework (TUF) maintains the security of software update systems, providing protection even against attackers that compromise the repository or signing keys. TUF provides a flexible framework and specification that developers can adopt into any software update system.
OpenSSF Scorecard assesses open source projects for security risks through a series of automated checks. It was created by OSS developers to help improve the health of critical projects that the community depends on.
You can use it to proactively assess and make informed decisions about accepting security risks within your codebase. You can also use the tool to evaluate other projects and dependencies, and work with maintainers to improve codebases you might want to integrate.
Scorecard is an automated tool that assesses a number of important heuristics ("checks") associated with software security and assigns each check a score of 0-10. You can use these scores to understand specific areas to improve in order to strengthen the security posture of your project. You can also assess the risks that dependencies introduce, and make informed decisions about accepting these risks, evaluating alternative solutions, or working with the maintainers to make improvements.
The Package Analysis project analyses the capabilities of packages available on open source repositories. The project looks for behaviors that indicate malicious software:
- What files do they access?
- What addresses do they connect to?
- What commands do they run?
A framework to secure the integrity of software supply chains.
in-toto is designed to ensure the integrity of a software product from initiation to end-user installation. It does so by making it transparent to the user what steps were performed, by whom and in what order.
A tool for preventing the installation of malicious PyPI and npm packages 🔥.
Supply-Chain Firewall is a command-line tool for preventing the installation of malicious PyPI and npm packages. It is intended primarily for use by engineers to protect their development workstations from compromise in a supply-chain attack.
An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.
This repository is an open-source dataset of 5938 malicious software packages (and counting) identified by Datadog, as part of our security research efforts in software supply-chain security. Most of the malicious packages have been identified by GuardDog.
🐍 🔍 GuardDog is a CLI tool to identify malicious PyPI and npm packages.
GuardDog is a CLI tool that allows you to identify malicious PyPI and npm packages or Go modules. It runs a set of heuristics on the package source code (through Semgrep rules) and on the package metadata. GuardDog can be used to scan local or remote PyPI and npm packages or Go modules using any of the available heuristics.
Bypass Microsoft Account creation during Windows 11/10 install.
With Microsoft’s recent Windows 11 updates, the bypass for the network requirement (NRO) was "effectively" blocked, forcing users into an online account creation. MSAPatcher brings back the simplicity of the bypassnro.cmd one-liner, allowing you to bypass the NRO without having to manually add registry keys or deal with complex workarounds.
SSLyze is a fast and powerful SSL/TLS scanning tool and Python library.
SSLyze can analyze the SSL/TLS configuration of a server by connecting to it, in order to ensure that it uses strong encryption settings (certificate, cipher suites, elliptic curves, etc.), and that it is not vulnerable to known TLS attacks (Heartbleed, ROBOT, OpenSSL CCS injection, etc.).
The GPOddity project aims at automating GPO attack vectors through NTLM relaying (and more).
Exploit Development and Reverse Engineering with GDB & LLDB Made Easy.
pwndbg (/paʊnˈdiˌbʌɡ/) is a GDB and LLDB plug-in that makes debugging suck less, with a focus on features needed by low-level software developers, hardware hackers, reverse-engineers and exploit developers.
Online complaint filing for internet scams (THESEE)
For victims of online fraud (fake sales sites, hacked e-mail accounts, extortion of money to unlock a computer, etc.), you can file a complaint online through the THESEE system.
tinc is a Virtual Private Network (VPN) daemon that uses tunnelling and encryption to create a secure private network between hosts on the Internet. tinc is Free Software and licensed under the GNU General Public License version 2 or later. Because the VPN appears to the IP level network code as a normal network device, there is no need to adapt any existing software. This allows VPN sites to share information with each other over the Internet without exposing any information to others.
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available.
Most of the time when you are using a public network, you are behind some kind of firewall or proxy. One of their purposes is to constrain you to only use certain kinds of protocols and consult only a subset of the web. Nowadays, the most widespread protocol is HTTP, and it is de facto allowed by third-party equipment.
Wstunnel uses the WebSocket protocol, which is compatible with HTTP, in order to bypass firewalls and proxies. Wstunnel allows you to tunnel whatever traffic you want and access whatever resources/sites you need.
Corkscrew is a tool for tunneling SSH through HTTP proxies, but... you might find another use for it.
Stealth tunneling through HTTP(S) proxies.
This is proxytunnel, a program that connects stdin and stdout to an origin server somewhere in the Internet through an industry standard HTTPS proxy. I originally wrote this program to be used as an extension to SSH, to be able to SSH to my box at home. In this file, I will describe the use with SSH. If you want to use it with some other application, feel free, and let me know!
opkssh is a tool which enables ssh to be used with OpenID Connect, allowing SSH access management via identities like alice@example.com instead of long-lived SSH keys. It does not replace ssh, but rather generates ssh public keys that contain PK Tokens and configures sshd to verify the PK Token in the ssh public key. These PK Tokens contain standard OpenID Connect ID Tokens. This protocol builds on OpenPubkey, which adds user public keys to OpenID Connect without breaking compatibility with existing OpenID Providers.
Automated Forensic Analysis of Windows Memory Dumps for DFIR.
MemProcFS-Analyzer.ps1 is a PowerShell script utilized to simplify the usage of MemProcFS and to optimize your memory analysis workflow.
GLPI vulnerabilities checking tool.
glpwnme is a tool used to check for vulnerabilities on a running instance of GLPI.
Wr1t3Up d3 Hip5kull
As a CTF player on various platforms, the idea behind this site is to make available to everyone the various machine write-ups I have completed. Passionate about cybersecurity and IT, CTFs let me learn an enormous amount about vulnerabilities and how they are exploited.
Fuzzowski-based OPCUA fuzzer.
Fuzzing should never be conducted on production equipment or systems. This testing technique can cause unexpected behavior, system crashes, data corruption, or security vulnerabilities. Always perform fuzzing in a controlled, isolated environment to ensure the safety and stability of production systems.
FuzzySully is an OPC UA fuzzer built upon Fuzzowski. It is a specialized testing tool designed to identify vulnerabilities and bugs in OPC UA (Open Platform Communications Unified Architecture) implementations. These fuzzers typically operate by generating and sending a large number of malformed or unexpected messages to an OPC UA server or client, with the goal of triggering unexpected behavior or crashes.
Recover data from the Akira ransomware without paying the ransom.
Rust tool to detect cell site simulators on an orbic mobile hotspot. Rayhunter is an IMSI Catcher Catcher for the Orbic mobile hotspot.
Automated Command Line Identity Generation Tool for OSINT Investigators. Command Line Sock Puppet Creator for Investigators.
Loki can create a sock puppet identity that you can use to build a fake online presence and start your investigations. As an OSINT, private or any other investigator who conducts OSINT investigations, you need a sock puppet that cannot be traced back to you. Setting up a sock puppet is easy, but only if you know where to look.
🤖 The Modern Port Scanner 🤖
The Modern Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported).
Adalanche is an Attack Graph Visualizer and Explorer for Active Directory. It shows the permissions users and groups have in an Active Directory. It's useful for visualizing and exploring who can take over accounts, machines, or the entire domain. It can find and show misconfigurations.
Ollama Automated Security Intelligence Scanner.
🛡️ An AI-powered security auditing tool that leverages Ollama models to detect and analyze potential security vulnerabilities in your code.
Advanced code security analysis through the power of AI
Dynamically program the kernel for efficient networking, observability, tracing, and security.
eBPF is a revolutionary technology with origins in the Linux kernel that can run sandboxed programs in a privileged context such as the operating system kernel. It is used to safely and efficiently extend the capabilities of the kernel without requiring changes to kernel source code or loading kernel modules.
🏄 Framework-agnostic CSRF middleware for modern Node.js.
This middleware helps web developers fight CSRF attacks. Bear in mind, by solely using this middleware, we can't guarantee your app will be free from CSRF attacks. Refer to CSRF Prevention Cheat Sheet and pillarjs/understanding-csrf for more details.
A completely free and open source email validation API that never stores your data. Built to support solopreneurs and the developer community.
A high-performance, cost-effective email validation service designed for indie hackers and small startups. The service validates email addresses in real-time, checking syntax, domain existence, MX records, and detecting disposable email providers. The main focus is on precision rather than recall: instead of chasing edge cases, the focus is on having the broadest possible coverage of common cases.
2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.
Vulnerability-proof your Linux Operating Systems. Deploy pristine, secure Linux images, whether containerized, running on a virtual machine, or deployed on bare metal.
Open Source Cloud Native Application Protection Platform (CNAPP).
Deepfence ThreatMapper hunts for threats in your production platforms, and ranks these threats based on their risk-of-exploit. It uncovers vulnerable software components, exposed secrets and deviations from good security practice. ThreatMapper uses a combination of agent-based inspection and agent-less monitoring to provide the widest possible coverage to detect threats.
Where companies get their teams secured.
Riot is the leading employee security posture management platform, keeping thousands of the world's leading companies safe from hackers.
AntiSquat leverages AI techniques such as natural language processing (NLP), large language models (ChatGPT) and more to empower detection of typosquatting and phishing domains.