ThreatBox is a standard and controlled Linux based attack platform. I've used a version of this for years. It started as a collection of scripts, lived as a rolling virtual machine, existed as code…

Smarty 73 13 Updated Nov 19, 2024

hackerschoice / thc-tips-tricks-hacks-cheat-sheet

Various tips & tricks

Shell 3,312 428 Updated Mar 13, 2025

jaegeral / security-apis

A collective list of public APIs for use in security. Contributions welcome

910 135 Updated Aug 22, 2024

infosecn1nja / Red-Teaming-Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

9,382 2,241 Updated Sep 1, 2024

nlitsme / youtube_tool

Tool for extracting comments or subtitles from youtube video's

Python 142 24 Updated Mar 6, 2022

aboutsecurity / blueteam_homelabs

Great List of Resources to Build an Enterprise Grade Home Lab

815 96 Updated Dec 1, 2023

althonos / InstaLooter

Another API-less Instagram pictures and videos downloader.

Python 2,037 257 Updated Jan 6, 2023

sinwindie / OSINT

Collections of tools and methods created to aid in OSINT collection

Python 2,962 424 Updated Jun 30, 2023

alphaSeclab / awesome-burp-suite

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

1,025 255 Updated Feb 20, 2020

vianasw / dvwps

Damn Vulnerable WordPress Site

PHP 51 25 Updated Feb 24, 2023

appsecco / attacking-cloudgoat2

A step-by-step walkthrough of CloudGoat 2.0 scenarios.

134 53 Updated Apr 28, 2020

dev-sec / ansible-collection-hardening

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Jinja 4,293 755 Updated Mar 17, 2025

bridgecrewio / terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into product…

HCL 1,185 5,380 Updated Sep 13, 2024

PlumHound / PlumHound

Bloodhound Reporting for Blue and Purple Teams

Python 1,164 115 Updated Feb 21, 2025

mike-goodwin / owasp-threat-dragon

An open source, online threat modelling tool from OWASP

JavaScript 483 128 Updated Jun 27, 2024

anantshri / server_admin_scripts

A collection of various scripts in perl/python/bash which i use while administering my own servers.

Shell 8 6 Updated Jun 6, 2023

drk1wi / portspoof

Portspoof

Makefile 2,226 177 Updated Dec 27, 2024

EmpireProject / Empire

Empire is a PowerShell and Python post-exploitation agent.

PowerShell 7,567 2,828 Updated Jan 19, 2020

mitchellkrogza / nginx-ultimate-bad-bot-blocker

Nginx Block Bad Bots, Spam Referrer Blocker, Vulnerability Scanners, User-Agents, Malware, Adware, Ransomware, Malicious Sites, with anti-DDOS, Wordpress Theme Detector Blocking and Fail2Ban Jail f…

Shell 4,261 495 Updated Mar 21, 2025

anantshri / wp-security

Wordpress security functions for paranoid folks. (themes functions.php and .htaccess). Take what you want, leave what you think should be added to it.

PHP 165 51 Updated Jun 6, 2023

fullmetalcache / domainGain-dep

Helps with finding and registering categorized domains

Python 67 10 Updated May 6, 2021

CPH-SEC / CPH-SEC.github.io

CPH:SEC - Copenhagen Ethical Hacking and Penetration Testing Society

CSS 43 12 Updated Oct 6, 2022

fortra / impacket

Impacket is a collection of Python classes for working with network protocols.

Python 14,050 3,653 Updated Mar 21, 2025

SigmaHQ / sigma

Main Sigma Rule Repository

Python 8,829 2,293 Updated Mar 21, 2025

MalwareArchaeology / ARTHIR

ATT&CK Remote Threat Hunting Incident Response

PowerShell 200 40 Updated Dec 8, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

johnce

Block or report johnce

Stars

certsocietegenerale / IRM-deprecated

mfthomps / Labtainers

mitre-attack / attack-arsenal

WithSecureLabs / leonidas

DefectDojo / django-DefectDojo

threatexpress / threatbox