There are 280 repositories under infosec topic.
Exploitation Framework for Embedded Devices
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Web path scanner
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
🔥 Web-application firewalls (WAFs) from security standpoint.
A list of interesting payloads, tips and tricks for bug bounty hunters.
All about bug bounty (bypasses, payloads, and etc)
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
A curated list of awesome infosec courses and training resources.
A collection of awesome security hardening guides, tools and other resources
A curated list of GPT agents for cybersecurity
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
A collected list of awesome security talks
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
A collection of all the data i could extract from 1 billion leaked credentials from internet.
KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.