"rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Azure Blob, Azure Files, Yandex Files

HTTP load testing tool and library. It's over 9000!

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Find, verify, and analyze leaked credentials

Sample cloud-first application with 10 microservices showcasing Kubernetes, Istio, and gRPC.

Easy and fast file sharing from the command-line.

Fast web fuzzer written in Go

In-depth attack surface mapping and asset discovery

Extract and decrypt browser data, supporting multiple data types, runnable on various operating systems (macOS, Windows, Linux).

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

The Cloud Native Control Plane

Adversary Emulation Framework

Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go

Reconnaissance tool for GitHub organizations

The open source high performance ELT framework powered by Apache Arrow

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

ScareCrow - Payload creation framework designed around EDR bypass.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

Automating situational awareness for cloud penetration tests.

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

♾️ Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

A utility to safely generate malicious network traffic patterns and evaluate controls.

Peirates - Kubernetes Penetration Testing tool

Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

Certificate Transparency Log Monitor

The Cloud Foundation toolkit provides GCP best practices as code.

Tool for building Kubernetes attack paths

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

A tool for IDN homograph attacks and detection.