Lists (1)
Starred repositories
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
A GitHub Actions Supply Chain CTF / Goat
The Internets #1 Subdomain Takeover Tool
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged objects, risky assignments, and potential misconfigurations.
M365/Azure adversary simulation tool that generates realistic attack telemetry to help blue teams improve their detection and response capabilities.
Ray is an AI compute engine. Ray consists of a core distributed runtime and a set of AI Libraries for accelerating ML workloads.
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Official GitHub Action for golangci-lint from its authors
Set up your GitHub Actions workflow with a specific version of Go
A lightweight, powerful framework for multi-agent workflows
Linux post exploitation tool for info gathering and exfiltration 🐧📡💀
Witness is a pluggable framework for software supply chain risk management. It automates, normalizes, and verifies software artifact provenance.
Run any Linux process in a secure, unprivileged sandbox using Landlock. Think firejail, but lightweight, user-friendly, and baked into the kernel.
The official Python SDK for Model Context Protocol servers and clients
Damn Vulnerable MCP Server
Constrain, log and scan your MCP connections for security vulnerabilities.
An open protocol enabling communication and interoperability between opaque agentic applications.
OWASP Web Application Security Testing Checklist
Model Context Protocol Servers
Action for generating build provenance attestations for workflow artifacts
Network intruder and presence detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
🕷️ An undetectable, powerful, flexible, high-performance Python library to make Web Scraping Easy and Effortless as it should be!
A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29
Python SDK, Proxy Server (LLM Gateway) to call 100+ LLM APIs in OpenAI format - [Bedrock, Azure, OpenAI, VertexAI, Cohere, Anthropic, Sagemaker, HuggingFace, Replicate, Groq]
A resource containing all the tools each ransomware gangs uses
This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation tech…
An AWS metadata enumeration tool by Plerion