Skills and career roadmap for various security roles like application security, cloud security, DevSecOps, security engineer, security researchers, pentesting, api security, network security, mobil…

345 51 Updated May 14, 2025

GreyDGL / PentestGPT

A GPT-empowered penetration testing tool

Python 8,462 1,090 Updated Jul 3, 2025

OWASP / threat-model-cookbook

This project is about creating and publishing threat model examples.

Python 418 73 Updated Nov 10, 2021

OpenC2-org / openc2-org

The Open Command and Control Forum promotes the global development and adoption of the OpenC2 language and reference material.

Python 30 4 Updated May 25, 2017

wtsxDev / Exploit-Development

Resources for learning about Exploit Development

394 78 Updated Oct 1, 2020

Vulcainreo / DVID

Damn Vulnerable IoT Device

C 211 42 Updated Feb 12, 2024

praetorian-inc / DVRF

The Damn Vulnerable Router Firmware Project

HTML 692 146 Updated Apr 7, 2021

hacksysteam / HackSysExtremeVulnerableDriver

HackSys Extreme Vulnerable Driver (HEVD) - Windows & Linux

C 2,708 553 Updated Feb 24, 2025

secure-delivery / vapi

Forked from roottusk/vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.

HTML 12 4 Updated Mar 11, 2022

ReversecLabs / awspx

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Python 963 105 Updated Oct 4, 2022

coffee-and-fun / google-profanity-words

Full list of bad words and top swear words banned by Google.

JavaScript 645 248 Updated Sep 20, 2024

zeek / zeek

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

C++ 6,988 1,274 Updated Jul 4, 2025

praetorian-inc / gokart

A static analysis tool for securing Go code

Go 2,177 106 Updated Jan 23, 2024

austinsonger / Incident-Playbook

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

1,475 261 Updated Jul 28, 2024

Crypto-Loot / cryptoloot

Self Hosted Library for CryptoLoot

PHP 57 15 Updated Sep 10, 2019

deepwn / deepMiner

deepMiner webminer proxy (update for cryptoNight R)

C 551 235 Updated Mar 21, 2019

RPISEC / MBE

Course materials for Modern Binary Exploitation by RPISEC

C 5,724 901 Updated Dec 9, 2021

RhinoSecurityLabs / pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Python 4,768 747 Updated Jun 20, 2025

4d61726b / VirtualKD-Redux

VirtualKD-Redux - A revival and modernization of VirtualKD

C++ 904 142 Updated Jun 23, 2024

devsecops / awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

4,964 1,034 Updated May 11, 2024

lizrice / thebook

Forked from k8s-sec/k8s-sec.github.io

Links and resources for the O'Reilly Kubernetes Security book

45 14 Updated Sep 4, 2018

Kevin kphongagsorn

Lists (6)

BDD

Malware Dev

Off Sec

OWASP

Reverse Engineering

📚 Study

Starred repositories

privesc