Stars
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
Automatic SQL injection and database takeover tool
Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
A modern and intuitive terminal-based text editor
A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
Checklist of the most important security countermeasures when designing, testing, and releasing your API
A simple, fast, and fun package for building command line apps in Go
A collection of awesome penetration testing resources, tools and other shiny things
Fast and customizable vulnerability scanner based on simple YAML based DSL.
A little tool to play with Windows security
Find, verify, and analyze leaked credentials
Easy and fast file sharing from the command-line.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Prevents you from committing secrets and credentials into git repositories
CTF framework and exploit development library
PowerSploit - A PowerShell Post-Exploitation Framework
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.