huondui's Stars
intelowlproject/IntelOwl
IntelOwl: manage your Threat Intelligence at scale
srcbookdev/srcbook
TypeScript notebook for rapid prototyping
mbrg/power-pwn
An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform
exo-explore/exo
Run your own AI cluster at home with everyday devices 📱💻 🖥️⌚
useplunk/plunk
The Open-Source Email Platform
1N3/Sn1per
Attack Surface Management Platform
prowler-cloud/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
All-Hands-AI/OpenHands
🙌 OpenHands: Code Less, Make More
The-Z-Labs/linux-exploit-suggester
Linux privilege escalation auditing tool
modularml/mojo
The Mojo Programming Language
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
secutils-dev/secutils
Secutils.dev is an open-source, versatile, yet simple security toolbox for engineers and researchers
Pythagora-io/gpt-pilot
The first real AI developer
istio/istio
Connect, secure, control, and observe services.
Infisical/infisical
♾ Infisical is the open-source secret management platform: Sync secrets across your team/infrastructure, prevent secret leaks, and manage internal PKI
Security-Onion-Solutions/securityonion
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, detections, and case management. It also includes other tools such as osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
ByteSnipers/awesome-pentest-cheat-sheets
Collection of cheat sheets useful for pentesting
LetsDefend/SOC-Interview-Questions
SOC Interview Questions
konstruktoid/ansible-role-hardening
Ansible role to apply a security baseline. Systemd edition.
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
google/oss-fuzz-gen
LLM powered fuzzing via OSS-Fuzz.
bytebase/bytebase
The GitHub/GitLab for database DevOps. World's most advanced database DevOps and CI/CD for Developer, DBA and Platform Engineering teams.
gofireflyio/aiac
Artificial Intelligence Infrastructure-as-Code Generator.
MaibornWolff/SecObserve
SecObserve is an open source vulnerability management system for software development and cloud environments. It supports a variety of open source vulnerability scanners and integrates easily into CI/CD pipelines.
latiotech/LAST
Use AI to Scan Your Code from the Command Line for security and code smells. Bring your own keys. Supports OpenAI and Gemini
microsoft/typespec
stas00/ml-engineering
Machine Learning Engineering Open Book
tcosolutions/betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
WithSecureLabs/damn-vulnerable-llm-agent