The Book Of Secret Knowledge

A little tool to play with Windows security

n³ The unorthodox terminal file manager

The premier source of truth powering network automation. Open source under Apache 2. Try NetBox Cloud free: https://netboxlabs.com/products/free-netbox-cloud/

Pre-Built Vulnerable Environments Based on Docker-Compose

HTTP load generator, ApacheBench (ab) replacement

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

🤖 The Modern Port Scanner 🤖

Automated Nginx Reverse Proxy for Docker

A fully-modern text-based browser, rendering to TTY and browsers

Application Kernel for Containers

Build the best interview map. The current content includes JS, network, browser related, performance optimization, security, framework, Git, data structure, algorithm, etc.

Top-like interface for container metrics

🎮 The only Front-End Performance Checklist that runs faster than the others

A VIM-inspired filemanager for the console

z - jump around

What happens behind the scenes when we type www.google.com in a browser?

Impacket is a collection of Python classes for working with network protocols.

A community Bash framework.

Most advanced XSS scanner.

In-depth attack surface mapping and asset discovery

Make JSON greppable!

Cheatsheets for web development - devhints.io

How to improve NGINX performance, security, and other important things.

Various Dockerfiles I use on the desktop and on servers.

Fast passive subdomain enumeration tool.

articles

Directory/File, DNS and VHost busting tool written in Go

CTF framework and exploit development library

dnscrypt-proxy 2 - A flexible DNS proxy, with support for encrypted DNS protocols.

A distribution of Nginx with some advanced features

Postgres CLI with autocompletion and syntax highlighting

Exploitation Framework for Embedded Devices

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWASP Mobile Security Weakness Enumeration (MASWE) weaknesses, which are in alignment with the OWASP MASVS.

Incredibly fast crawler designed for OSINT.

A guide to learn bash

Dockerfile linter, validate inline bash, written in Haskell

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

A collection of postmortems. Sorry for the delay in merging PRs!

A Terminal Client for MySQL with AutoCompletion and Syntax Highlighting.

This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.

The Fish Shell Framework

Linux/OSX/FreeBSD resource monitor

Fast subdomains enumeration tool for penetration testers

The Browser Exploitation Framework Project

Interactive cli tool for HTTP inspection

🛡️ Open-source and cloud-native Web Application Firewall (WAF)

Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Performance analysis tools based on Linux perf_events (aka perf) and ftrace

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.