fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

eBPF-based Networking, Security, and Observability

Find, verify, and analyze leaked credentials

Fast web fuzzer written in Go

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

In-depth attack surface mapping and asset discovery

Directory/File, DNS and VHost busting tool written in Go

Fast passive subdomain enumeration tool.

Vulnerability Static Analysis for Containers

OpenGFW is a flexible, easy-to-use, open source implementation of GFW (Great Firewall of China) on Linux

A self hosted virtual browser that runs in docker and uses WebRTC.

A vulnerability scanner for container images and filesystems

Adversary Emulation Framework

Vulnerability scanner written in Go which uses the data provided by https://osv.dev

Tfsec is now part of Trivy

A Tool for Domain Flyovers

Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.

A censorship circumvention tool to evade detection by authoritarian state adversaries

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)

Generate an IAM policy from AWS, Azure, or Google Cloud (GCP) calls using client-side monitoring (CSM) or embedded proxy

👻Stowaway -- Multi-hop Proxy Tool for pentesters

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

A tool to perform Kerberos pre-auth bruteforcing

Gryffin is a large scale web security scanning platform.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Run any Linux process in a secure, unprivileged sandbox using Landlock. Think firejail, but lightweight, user-friendly, and baked into the kernel.

A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.

DevSecOps for Airgap & Limited-Connection Systems. https://zarf.dev/