cnibley's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
berzerk0/Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
DShield-ISC/dshield
DShield Raspberry Pi Sensor
EFForg/cover-your-tracks
Is your browser safe against tracking?
certbot/certbot
Certbot is EFF's tool to obtain certs from Let's Encrypt and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.
EFForg/https-everywhere
A browser extension that encrypts your communications with many websites that offer HTTPS but still allow unencrypted connections.
EFForg/privacybadger
Privacy Badger is a browser extension that automatically learns to block invisible trackers.
NationalSecurityAgency/ghidra
Ghidra is a software reverse engineering (SRE) framework
DanMcInerney/net-creds
Sniffs sensitive data from interface or pcap
lmco/laikaboss
Laika BOSS: Object Scanning System
mushorg/glastopf
Web Application Honeypot
cowrie/cowrie
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
mullvad/mullvadvpn-app
The Mullvad VPN client app for desktop and mobile
buffer/thug
Python low-interaction honeyclient
getdnsapi/stubby
Stubby is the name given to a mode of using getdns which enables it to act as a local DNS Privacy stub resolver (using DNS-over-TLS).
OWASP/sonarqube
OWASP SonarQube Project
EmpireProject/Empire
Empire is a PowerShell and Python post-exploitation agent.
trustedsec/ptf
The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
Neo23x0/Loki
Loki - Simple IOC and YARA Scanner
checkly/headless-recorder
Chrome extension that records your browser interactions and generates a Playwright or Puppeteer script.
securing/DumpsterDiver
Tool to search secrets in various filetypes.
mitre/caldera
Automated Adversary Emulation Platform
SpiderLabs/portia
Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account has been compromised.
MojtabaTajik/Robber
Robber is open source tool for finding executables prone to DLL hijacking
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
aria2/aria2
aria2 is a lightweight multi-protocol & multi-source, cross platform download utility operated in command-line. It supports HTTP/HTTPS, FTP, SFTP, BitTorrent and Metalink.
Juvenal1/xboxonehdd
Xbox One HDD Creation Tools
versionpress/versionpress
Git-based version control for WordPress. Whoa!
C2SP/wycheproof
Project Wycheproof tests crypto libraries against known attacks.
junit-team/junit5
✅ The 5th major version of the programmer-friendly testing framework for Java and the JVM