A community-supported supercharged version of paperless: scan, index and archive all your physical documents

Flipper Zero firmware source code

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Community curated list of templates for the nuclei engine to find security vulnerabilities.

A fast, simple, recursive content discovery tool written in Rust.

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerab…

Azure Kubernetes Service

Asset inventory on public bug bounty programs.

LunaSec - Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service. G…

FreeRADIUS - A multi-protocol policy server.

The uncompromising Python code formatter

A collection of various awesome lists for hackers, pentesters and security researchers

Ostorlab is security scanner framework with the mantra of do one thing and do it well.

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

A recipe for everything 🗒️

Collection of Cyber Threat Intelligence sources from the deep and dark web

Server-Side Template Injection and Code Injection Detection and Exploitation Tool

ReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.

An OOB interaction gathering server and client library

Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.

Web server

Automation for javascript recon in bug bounty.

Bitcoin Optech website

Gonna share my writeups and resources here

Automated All-in-One OS Command Injection Exploitation Tool.

Fast HTTP package for Go. Tuned for high performance. Zero memory allocations in hot paths. Up to 10x faster than net/http

Cross platform community web fingerprint identification tool

🌸 A command-line fuzzy finder

Nmap script to guess* a GitLab version.