This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, …

Application Security Verification Standard

I hacked Minesweeper into putting flags on all the mined squares when starting. Yoohoo.

Rubyfu, where Ruby goes evil!

Annotation processor to create immutable objects and builders. Feels like Guava's immutable collections but for regular value objects. JSON, Jackson, Gson, JAX-RS integrations included

A toolset to make a system look as if it was the victim of an APT attack

File Scanning Framework

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

APTnotes data

Ansible role for Red Hat 7 CIS Baseline

Attack Detection

A simple Python script for security auditing purposes.

An evil RAT (Remote Administration Tool) for macOS / OS X.

A collection of various GitHub gists for hackers, pentesters and security researchers

"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team…

A default credential scanner.

FAME Automates Malware Evaluation

Your Everyday Threat Intelligence

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelistin…

A list of interesting payloads, tips and tricks for bug bounty hunters.

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Malcom - Malware Communications Analyzer

A proposed standard that allows websites to define security policies.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

🔐 Security advisories as a simple composer exclusion list, updated daily

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

📡 A python program to create a fake AP and sniff data.

A curated list of awesome infosec courses and training resources.

Open Source Vulnerability Management Platform

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.