morcelan

shellcheck

ShellCheck, a static analysis tool for shell scripts

static-analysis

⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.

cve

Gather and update all available and newest CVEs with their PoC.

PoC-in-GitHub

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

honggfuzz

Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)

Fuzzing101

An step by step fuzzing tutorial. A GitHub Security Lab initiative

stego-toolkit

Collection of steganography tools - helps with CTF challenges

vmware-host-modules

Patches needed to build VMware (Player and Workstation) host modules against recent kernels

SUDO_KILLER

A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.

DidierStevensSuite

Please no pull requests for this repository. Thanks!

HardeningKitty

HardeningKitty - Checks and hardens your Windows configuration

passphrase-wordlist

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

my-flipper-shits

Free and libre source BadUSB payloads for Flipper Zero. [Windows, GNU/Linux, iOS]

dep-scan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration. Discord: https://discord.gg/DP657ACYEZ

evilarc

Create tar/zip archives that can exploit directory traversal vulnerabilities

SploitScan

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

facedancer

Implement your own USB device in Python, supported by a hardware peripheral such as Cynthion or GreatFET

hachoir

Hachoir is a Python library to view and edit a binary stream field by field

GTFONow

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.

certmitm

A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.

Guides

hydrafw

HydraBus HydraFW official firmware for open source multi-tool for anyone interested in learning/developping/debugging/hacking/Penetration Testing for basic or advanced embedded hardware

websec-answers

Websec interview questions by tib3rius answered

depthcharge

A U-Boot hacking toolkit for security researchers and tinkerers

GTFOBLookup

Offline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io), LOLBAS (https://github.com/LOLBAS-Project/LOLBAS), WADComs (https://wadcoms.github.io), and HijackLibs (https://hijacklibs.net/).

InfoHound

InfoHound is an OSINT to extract a large amount of data given a web domain name.

web.Monitor

Fast & user-friendly web change tracking tool.

NVD-Exploit-List-Ja

🔍NVD exploit & JVN(Japan Vulnerability Notes) easy description

writeups

Write ups for Ph0wn CTF

decret

DEbian Cve REproducer Tool