Infosec
Showing 24 of 24 projects
An open-source unified XDR and SIEM platform for threat prevention, detection, and response across endpoints and cloud workloads.
A comprehensive collection of hacking tools, resources, and references for learning and practicing ethical hacking and penetration testing.
An open-source exploitation framework dedicated to embedded devices for penetration testing and vulnerability assessment.
A PowerShell framework for offensive security, penetration testing, and red teaming with scripts for all phases.
A curated collection of interesting, funny, and concerning search queries for Shodan.io to find exposed devices and services.
A community-curated collection of payloads, tools, and techniques for bug bounty hunters and security researchers.
A curated collection of security hardening guides, best practices, checklists, benchmarks, and tools for various systems and services.
A comprehensive, free information security reference covering techniques, tools, tactics, and resources for learning and professional development.
A curated list of awesome information security courses, training resources, and hands-on labs for cybersecurity professionals and students.
A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
A penetration testing tool that discovers and accesses RTSP video surveillance cameras through network scanning and dictionary attacks.
A Python script that discovers endpoints and their parameters in JavaScript files for penetration testing and bug hunting.
A curated collection of security conference talks and videos from events like DEF CON, Black Hat, and BSides.
A crowdsourced collection of websites with frustrating and counterproductive password requirements.
A Composer package that blocks installation of PHP dependencies with known security vulnerabilities.
A fast, multi-protocol credential brute-forcer that parses Nmap, Nessus, and Nexpose output to test credentials across 30+ services.
A powerful, easily deployable network traffic analysis tool suite for PCAP files, Zeek logs, and Suricata alerts.
A deliberately vulnerable CI/CD environment with 11 challenges to learn and practice CI/CD security.
A forensics intelligence platform that bridges CTI and DFIR by storing threat intelligence and enabling bulk observable searches and threat-focused analysis.
An open-source malware analysis framework that functions as a self-hosted alternative to VirusTotal.
A repository of publicly-available reports and blogs on APT (Advanced Persistent Threat) campaigns, activity, and software, organized by year.
A curated collection of disclosed Android security reports from HackerOne and educational resources for vulnerability research.
A modern hash identification tool that names MD5, SHA256, and 300+ other hash types with popularity ratings and summaries.
A curated list of awesome resources for executable packing, unpacking, and detection, covering packers, tools, and literature.
Related Tags
Found a gem we're missing?
Open-Awesome is built by the community, for the community. Submit a project, suggest an awesome list, or help improve the catalog on GitHub.