Skip to content
Change the repository type filter

All

    Repositories list

    • Secure your apps by making them Secretless
      Go
      Apache License 2.0
      41000Updated Dec 18, 2024Dec 18, 2024
    • Mozilla Public License 2.0
      10000Updated Jul 26, 2024Jul 26, 2024
    • spicedb

      Public
      Open Source, Google Zanzibar-inspired permissions database to enable fine-grained authorization for customer applications
      Go
      Apache License 2.0
      285000Updated Jul 7, 2024Jul 7, 2024
    • SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
      PHP
      MIT License
      24k000Updated Apr 27, 2024Apr 27, 2024
    • GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
      HTML
      GNU General Public License v3.0
      1.3k000Updated Apr 8, 2024Apr 8, 2024
    • PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
      C#
      Other
      3.1k000Updated Apr 8, 2024Apr 8, 2024
    • A list of useful payloads and bypass for Web Application Security and Pentest/CTF
      Python
      MIT License
      15k000Updated Apr 6, 2024Apr 6, 2024
    • bane

      Public
      Custom & better AppArmor profile generator for Docker containers.
      Go
      MIT License
      84100Updated Apr 5, 2024Apr 5, 2024
    • OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
      TypeScript
      MIT License
      11k000Updated Apr 5, 2024Apr 5, 2024
    • hydra
      C
      GNU Affero General Public License v3.0
      2.1k000Updated Apr 1, 2024Apr 1, 2024
    • trivy

      Public
      Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
      Go
      Apache License 2.0
      2.4k000Updated Mar 23, 2024Mar 23, 2024
    • Go
      MIT License
      30000Updated Mar 20, 2024Mar 20, 2024
    • Next generation web scanner
      Ruby
      GNU General Public License v2.0
      913000Updated Jan 8, 2024Jan 8, 2024
    • Automated lifecycle management for credentials
      Go
      MIT License
      10000Updated Oct 11, 2023Oct 11, 2023
    • A Vault swiss-army knife: A CLI tool to init, unseal and configure Vault (auth methods, secret engines).
      Go
      Apache License 2.0
      468000Updated Sep 11, 2023Sep 11, 2023
    • Scripted Local Linux Enumeration & Privilege Escalation Checks
      Shell
      MIT License
      2k000Updated Sep 6, 2023Sep 6, 2023
    • Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
      PowerShell
      Other
      2.5k000Updated Sep 5, 2023Sep 5, 2023
    • Dynamic Application and API Security Testing
      Go
      Apache License 2.0
      27000Updated Apr 5, 2023Apr 5, 2023
    • Learn tutorial assets related to Vault Agent
      HCL
      8000Updated Oct 12, 2022Oct 12, 2022
    • prowler

      Public
      AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark and DOZENS of additional checks including GDPR and HIPAA (+90). Official CIS for AWS guide: https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf
      Shell
      Apache License 2.0
      1.6k200Updated Sep 27, 2022Sep 27, 2022
    • List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
      Shell
      Apache License 2.0
      1.5k000Updated Sep 23, 2022Sep 23, 2022
    • PMapper

      Public
      A tool for quickly evaluating IAM permissions in AWS.
      Python
      GNU Affero General Public License v3.0
      173000Updated Sep 5, 2022Sep 5, 2022
    • oisru

      Public
      Repository for the Open Information Security Risk Universe
      Shell
      Creative Commons Zero v1.0 Universal
      10000Updated Jul 10, 2022Jul 10, 2022
    • For engineers and security teams driving fast and secure software supply chains
      Apache License 2.0
      22000Updated Apr 15, 2022Apr 15, 2022
    • SkyArk

      Public
      SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
      PowerShell
      MIT License
      163000Updated Feb 13, 2022Feb 13, 2022
    • Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
      Python
      GNU General Public License v3.0
      126000Updated May 14, 2021May 14, 2021
    • pacbot

      Public
      PacBot (Policy as Code Bot)
      Java
      Apache License 2.0
      277000Updated Apr 26, 2021Apr 26, 2021
    • Cloud Custodian policy that logs unused security groups
      Jinja
      MIT License
      77000Updated Apr 18, 2021Apr 18, 2021
    • A collection of awesome penetration testing resources, tools and other shiny things
      4.5k000Updated Mar 27, 2021Mar 27, 2021
    • Discover resources created in an AWS account.
      Python
      Apache License 2.0
      130000Updated Feb 7, 2021Feb 7, 2021