Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

This repository contains archway testnets

Ultimate DevSecOps library

Useful resources about phishing email analysis

Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.

Security scanner coordinator

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

A concise, directive, specific, flexible, and free incident response plan template

NDJSON archive ready to upload in Elastic SIEM

Awesome .NET Security Resources

Guide to securing and improving privacy on macOS

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysi…

This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.

Loki - Simple IOC and Incident Response Scanner

Projects deployed on Akash

Active Directory Lab for Penetration Testing

Open source vulnerability scanner for .NET Core projects

Prototype Pollution and useful Script Gadgets

A collection of awesome penetration testing resources, tools and other shiny things

An intentionally vulnerable NGINX setup

A toolkit to attack Office365

A curated list of Android Security materials and resources For Pentesters and Bug Hunters

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls list…

Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient

Tutorials and Things to Do while Hunting Vulnerability.

A self-hosted Fuzzing-As-A-Service platform

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the…