A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

ALL IN ONE Hacking Tool For Hackers

Open Cyber Threat Intelligence Platform

Multi-Cloud Security Auditing Tool

Ultralight, security-first service mesh for Kubernetes. Main repo for Linkerd 2.x.

Protect and discover secrets using Gitleaks 🔑

Hunt down social media accounts by username across social networks

A daily updated summary of the most frequent types of security advisories currently being reported from different sources.

Real-time monitoring of IT components and services, such as networks, servers, VMs, applications and the cloud.

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

A collection of various awesome lists for hackers, pentesters and security researchers

Information gathering framework for phone numbers

Automatic SQL injection and database takeover tool

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

Next generation web scanner

Automatic SSTI detection tool with interactive interface

Webpage tracking only using CSS (and no JS)

An OSINT tool to search for accounts by username and email in social networks.

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!

Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Cross-platform backup tool for Windows, macOS & Linux with fast, incremental backups, client-side end-to-end encryption, compression and data deduplication. CLI and GUI included.

Fast, secure, efficient backup program

AWSGoat : A Damn Vulnerable AWS Infrastructure

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

Open Source Cloud Native Application Protection Platform (CNAPP)

Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernet…