Sec
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a rang…
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
In-depth attack surface mapping and asset discovery
The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Don't delay, switch to the one and only true Master today!
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
A collection of fascinating and bizarre Censys Search Queries
An ACME-based certificate authority, written in Go.
Zuul is a gateway service that provides dynamic routing, monitoring, resiliency, security, and more.
Kanidm: A simple, secure, and fast identity management platform
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
Thefatrat, a massive exploiting tool: easy tool to generate backdoor and easy tool to post exploitation attack like browser attack, etc. This tool compiles a malware with popular payload and th…
Scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
OSS-Fuzz - continuous fuzzing for open source software.
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Scapy: the Python-based interactive packet manipulation program & library.
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps with continuous monitoring, security assessments and audits, incident response, compliance, hardening and forensics…
Cloud Security Posture Management (CSPM)
Linux Runtime Security and Forensics using eBPF
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
Infection Monkey - An open-source adversary emulation platform
⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock