The lazier way to manage everything docker

Fast and customizable vulnerability scanner based on simple YAML based DSL.

The personal information dashboard for your terminal

Find, verify, and analyze leaked credentials

Open-Source Phishing Toolkit

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

A vault for securely storing and accessing AWS credentials in development environments

Go security checker

Build powerful pipelines in any programming language.

Template rendering, notifier, and supervisor for @HashiCorp Consul and Vault data.

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

A cloud native Identity & Access Proxy / API (IAP) and Access Control Decision API that authenticates, authorizes, and mutates incoming HTTP(s) requests. Inspired by the BeyondCorp / Zero Trust whi…

Command line tool to share your UNIX terminal and forward local TCP ports to people you trust.

Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.

CLI for managing secrets

Gryffin is a large scale web security scanning platform.

SQL interface to git repositories, written in Go. https://docs.sourced.tech/gitbase

WebAuthn (FIDO2) server library written in Go

set of web security test cases and a toolkit to construct new ones

Dontbug is a reverse debugger for PHP

An observatory for TLS configurations, X509 certificates, and more.

Replace your `curl | sh` installers

Open source offensive security platform for red team, by red team.