Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Find secrets with Gitleaks 🔑

eBPF-based Networking, Security, and Observability

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Vulnerability Static Analysis for Containers

MCP Toolbox for Databases is an open source MCP server for databases.

Go security checker

The Havoc Framework

Tfsec is now part of Trivy

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.

OpenSSF Scorecard - Security health metrics for Open Source

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

Linux Runtime Security and Forensics using eBPF

a drop-in replacement for Nmap powered by shodan.io

Adversary tradecraft detection, protection, and hunting

A collection of hacks and one-off scripts

Fast Application Layer Scanner

🔪 Leak git repositories from misconfigured websites

Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.

Open Source Package Analysis

Copy-move image forgery detection library.