ramkumareinstein

talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.

A-to-Z-Vulnerabilities

This is a Kind of Dictionary which contains all kinds of Web Application and Network Security Vulnerabilities and other security concepts in an Alphabetical Order

angular-realworld-example-app

Exemplary real world application built with Angular

attachment

Attachments connect between processes that provide HTTP data and the open-appsec Agent security logic.

attackgen

AttackGen is a cybersecurity incident response testing tool that leverages the power of large language models and the comprehensive MITRE ATT&CK framework. The tool generates tailored incident response scenarios based on user-selected threat actor groups and your organisation's details.

AWSGoat

AWSGoat : A Damn Vulnerable AWS Infrastructure

Blue-Team-Notes

You didn't think I'd go and leave the blue team out, right?

detect-secrets

An enterprise friendly way of detecting and preventing secrets in code.

ecapture

capture SSL/TLS text content without CA cert using eBPF. supports Linux/Android x86_64/Aarch64.

devika

Devika is an Agentic AI Software Engineer that can understand high-level human instructions, break them down into steps, research relevant information, and write code to achieve the given objective. Devika aims to be a competitive open-source alternative to Devin by Cognition AI.

earlybird

EarlyBird is a sensitive data detection tool capable of scanning source code repositories for clear text password violations, PII, outdated cryptography methods, key files and more.

ffuf

Fast web fuzzer written in Go

firefly

goHackTools

Hacker tools on Go (Golang)

Golden-Guide-for-Pentesting

Golden Guide

HowToHunt

Collection of methodology and test case for various web vulnerabilities.

leaky-repo

Benchmarking repo for secrets scanning

myProject-orb

openappsec

open-appsec is a machine learning security engine that preemptively and automatically prevents threats against Web Application & APIs. This repo include the main code and logic.

OpenDevin

🐚 OpenDevin: Code Less, Make More

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PESD-Exporter-Extension

PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams

platform_frameworks_base

secpat2gf

convert secret patterns to gf compatible.

secrets-patterns-db

Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.

SecretScanner

:unlock: :unlock: Find secrets and passwords in container images and file systems :unlock: :unlock:

Security-Hub

Security Books, Mind-Maps, Vulnerabilities Notes, methodologies, fuzzing lists and Bug-Bounty-Tips

translate-readme

Translate Github Readme to any other Language

Vulnerable-Code-Snippets

A small collection of vulnerable code snippets

ZeusCloud

Open Source Cloud Security