There are 108 repositories under information-security topic.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
Automate the creation of a lab environment complete with security tooling and logging best practices
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
Security automation content in SCAP, Bash, Ansible, and other formats
iOS/macOS/Linux Remote Administration Tool
Hardening Ubuntu. Systemd edition.
API Security Project aims to present unique attack & defense methods in API Security field
AIL framework - Analysis Information Leak framework. Project moved to https://github.com/ail-project
🎯 XML External Entity (XXE) Injection Payload List
My curated list of awesome links, resources and tools on infosec related topics
Most usable tools for iOS penetration testing
Open Source Security Guide. Learn all about Security Standards (FIPS, CIS, FedRAMP, FISMA, etc.), Frameworks, Threat Models, Encryption, and Benchmarks.
A repository for using osquery for incident detection and response
APKHunt is a comprehensive static code analysis tool for Android apps that is based on the OWASP MASVS framework. Although APKHunt is intended primarily for mobile app developers and security testers, it can be used by anyone to identify and address potential security vulnerabilities in their code.
The web management platform of honeypot
OSINT cheat sheet, list OSINT tools, wiki, dataset, article, book and OSINT tips
A concise, directive, specific, flexible, and free incident response plan template
Checklist of the most important security countermeasures when designing, creating, testing your web/mobile application
A curated list of awesome cloud security blogs, podcasts, standards, projects, and examples.
AIL framework - Analysis Information Leak framework
ICP备案查询,可查询企业或域名的ICP备案信息,自动完成滑动验证,保存结果到Excel表格,适用于新版的工信部备案管理系统网站,告别频繁拖动验证,以及某站*工具要开通VIP才可查看备案信息的坑
Ansible role to apply a security baseline. Systemd edition.
Don't let buffer overflows overflow your mind