An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Find secrets with Gitleaks 🔑

Infisical is the open-source platform for secrets, certificates, and privileged access management.

Find, verify, and analyze leaked credentials

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

Loads environment variables from .env for nodejs projects.

🤖 The Modern Port Scanner 🤖

Daemon to ban hosts that cause multiple authentication errors

Fully autonomous AI hacker to find actual exploits in your web apps. Shannon has achieved a 96.15% success rate on the hint-free, source-aware XBOW Benchmark.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Scapy: the Python-based interactive packet manipulation program & library.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Adversary Emulation Framework

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more