BleachBit system cleaner for Windows and Linux

Hunt down social media accounts by username across social networks

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

A curated list of cryptography papers, articles, tutorials and howtos.

A huge list of alternatives to Google products. Privacy tips, tricks, and links.

Guide to using YubiKey for GnuPG and SSH

Collection of resources related to phishing

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

A browser extension that redirects popular sites to alternative privacy friendly frontends

pre-built coreboot images and documentation on how to flash them for Thinkpad Laptops

🛡️ A private certificate authority (X.509 & SSH) & ACME server for secure automated certificate management, so you can use TLS everywhere & SSO for SSH.

Wireguard web interface

Daemon to ban hosts that cause multiple authentication errors

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…

Protect and discover secrets using Gitleaks 🔑

holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.

A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.

Find, verify, and analyze leaked credentials

💧 Find sensitive information for a git repo

🔐 Securely share sensitive information with automatic expiration & deletion after a set number of views or duration. Track who, what and when with full audit logs.

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

Credentials recovery project

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

OWASP Coraza WAF is a golang modsecurity compatible web application firewall library

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

OffSec OSINT Pentest/RedTeam Tools

Application Security Verification Standard

A curated list of hacking environments where you can train your cyber skills legally and safely