30 days of Python programming challenge is a step-by-step guide to learn the Python programming language in 30 days. This challenge may take more than 100 days, follow your own pace. These videos m…

30 Days of React challenge is a step by step guide to learn React in 30 days. These videos may help too: https://www.youtube.com/channel/UC7PNRuno1rzYPb1xLa4yktw

Javascript security analysis (JSA) is a program for javascript analysis during web application security assessment.

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

MALVADA: Malware Execution Traces Dataset generation.

capemon: CAPE's monitor

☁️ Collaborative Malware Analysis Platform at Scale

Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do

Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.

Noriben - Portable, Simple, Malware Analysis Sandbox

VirusTotal Wanna Be - Now with 100% more Hipster

Bi-Directional Equivariant Long-Range DNA Sequence Modeling

completely ridiculous API (crAPI)

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs

Mezon is a new way to communicate with your team. It's faster, better organized, better for WFH.

Scripts to download every Wordpress plugin (updated in the last 2 years) and run Semgrep over the lot of it while storing output in a database.

Comprehensive security scanning rules for WordPress plugin and theme development

Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.

A compendium of threat modeling and security testing resources for LLMs and GenAI agents

Deemon is a tool to detect CSRF in web applications. Deemon has been used for the paper "Deemon: Detecting CSRF with Dynamic Analysis and Property Graphs" by G. Pellegrino, M. Johns, S. Koch, M. Ba…

A complete video subtitle editing React component with AI-powered speech recognition and visual editing capabilities.

The Browser Exploitation Framework Project

Most advanced XSS scanner.

Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.

The Python micro framework for building web applications.

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

Extension exposing PHP 7 abstract syntax tree

Collection of Cyber Threat Intelligence sources from the deep and dark web