Security Tools

TorBotPython

An open-source intelligence (OSINT) tool for crawling and analyzing websites on the dark web and beyond.

vulscanLua

An Nmap NSE script that transforms nmap into a vulnerability scanner using offline vulnerability databases.

awesome-cve-poc

A curated collection of proof-of-concept exploits for Common Vulnerabilities and Exposures (CVEs).

embaShell

An open-source firmware security analyzer for embedded Linux devices, performing extraction, static/dynamic analysis, SBOM generation, and vulnerability reporting.

Awesome PCAP Tools

A curated list of open-source tools for capturing, analyzing, and processing network packet captures (PCAP files).

BruteSharkC#

A Network Forensic Analysis Tool (NFAT) for deep inspection of PCAP files and live traffic, extracting credentials, building network maps, and reconstructing sessions.

NoSQLMapPython

An automated Python tool for auditing and exploiting NoSQL database vulnerabilities and web application injection attacks.

DIEC++

GUI and console sources for Detect It Easy (DiE), a program for determining file types and packers.

sysmon-modularPowerShell

A modular repository of Sysmon configuration modules for customizable endpoint detection and logging.

bundle-auditRuby

A security audit tool for Ruby projects that checks Gemfile.lock for vulnerable gem versions and insecure sources.

BearerGo

Static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.

BearerGo

A static application security testing (SAST) tool that scans source code to discover, filter, and prioritize security and privacy risks.

KICSOpen Policy Agent

KICS is an open-source static analysis tool that finds security vulnerabilities, compliance issues, and misconfigurations in Infrastructure as Code.

KeywhizJava

A system for distributing and managing secrets, now deprecated in favor of HashiCorp Vault.

APKiDYARA

Identifies compilers, packers, obfuscators, and other characteristics in Android APK and DEX files.

DiamorphineC

A Linux Kernel Module (LKM) rootkit for hiding processes, granting root privileges, and making files invisible.

silenttrinityBoo

A modern, asynchronous, multiplayer command and control (C2) framework for post-exploitation using Python and .NET's DLR.

xssor2JavaScript

A web-based toolkit for XSS (Cross-Site Scripting) testing, encoding/decoding, and payload generation.

KrakatauRust

A Java bytecode assembler, disassembler, and decompiler designed to handle obfuscated code and support the latest JVM specifications.

PowerToolsPowerShell

A deprecated collection of PowerShell tools for offensive security operations and penetration testing.

gokartGo

A static analysis tool for Go that finds vulnerabilities using SSA form and source-to-sink tracing to reduce false positives.

GSILPython

Monitor GitHub for sensitive information leaks in near real-time and send alert notifications.

FakeNet-NGPython

A dynamic network analysis tool that intercepts and simulates network services for malware analysis and penetration testing.

ReconDogPython

A reconnaissance tool that gathers information about targets using APIs without direct contact.

ghorgGo

A CLI tool to clone or backup all repositories from a GitHub/GitLab/Bitbucket organization or user into a single directory.

reverse-shellGo

A service that provides easy-to-remember reverse shell payloads for Unix-like systems, automatically detecting available software on the target.

PefilePython

A Python module for parsing and working with Portable Executable (PE) files, providing access to headers, sections, and embedded data.

RekallPython

An open-source memory forensic framework for extracting and analyzing digital artifacts from Windows, Linux, and OSX memory images.

Industrial Control System SecurityPython

A curated collection of tools, data, literature, and resources for Industrial Control System (ICS) and SCADA security.

JA4+Rust

A suite of network fingerprinting standards for TLS, TCP, HTTP, SSH, and other protocols to facilitate threat detection and security analysis.

Deepfence PacketStreamerGo

Distributed tcpdump for cloud native environments, capturing and streaming network packets from multiple hosts to a central receiver.

Lockpicking

A curated list of awesome guides, tools, and resources related to lockpicking, physical security, and locksport.

InQL ScannerKotlin

A Burp Suite extension for advanced GraphQL security testing, featuring vulnerability scanning, batch attacks, and schema analysis.

HashtopolisPHP

A multi-platform client-server tool for distributing Hashcat password cracking tasks across multiple computers.

Awesome Threat ModellingDockerfile

A curated list of threat modeling resources including books, courses, videos, tools, tutorials, and examples for learning and practicing threat modeling.

DevSecOps

A curated list of DevSecOps tools, resources, and training materials for integrating security into the development lifecycle.