CyberStrikeus
CyberStrikeCyberStrike is an open-source AI-powered offensive security agent that automates penetration testing by integrating with LLMs (Claude, GPT, etc.) to...
38 repositories found
CyberStrikeus
CyberStrikeCyberStrike is an open-source AI-powered offensive security agent that automates penetration testing by integrating with LLMs (Claude, GPT, etc.) to...
m14r41
PentestingEverythingPentestingEverything is a comprehensive, searchable knowledge base for penetration testing and application security across 23 domains including web,...
mukul975
Anthropic-Cybersecurity-SkillsThis is a curated library of 817 structured cybersecurity skills mapped to six industry frameworks (MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND,...
betterleaks
betterleaksBetterleaks is a configurable secrets scanner for detecting exposed credentials across Git repositories, cloud storage, and collaboration platforms....
project-copacetic
copaceticProject Copacetic (copa) is a CLI tool for patching container image vulnerabilities directly without full image rebuilds, using vulnerability...
lintsinghua
DeepAuditDeepAudit is an open-source multi-agent AI system for automated code vulnerability detection and auditing, designed for DevSecOps workflows. It...
ossf
cve-bin-toolCVE Binary Tool is a free, open-source security scanner that identifies known vulnerabilities in binaries and software components by matching against...
safedep
vetVET is a supply chain security tool that detects malicious open source packages through static and dynamic analysis, with policy-as-code enforcement...
mongodb
kingfisherKingfisher is a high-performance secret detection and validation tool built in Rust, designed specifically for detecting leaked credentials, API...
aquasecurity
trivyTrivy is a comprehensive security scanner for finding vulnerabilities, misconfigurations, secrets, and software licenses across container images,...
MobSF
Mobile-Security-Framework-MobSFMobile Security Framework (MobSF) is a specialized automated platform for static and dynamic analysis of mobile applications across Android, iOS, and...
DefectDojo
django-DefectDojoDefectDojo is a comprehensive DevSecOps and vulnerability management platform that orchestrates security testing, deduplication, remediation, and...
DependencyTrack
dependency-trackDependency-Track is an OWASP-maintained Component Analysis platform that ingests Software Bill of Materials (SBOMs) to identify and mitigate supply...
GitGuardian
ggshieldggshield is a specialized secrets detection CLI that scans for 500+ types of hardcoded credentials and API keys in code. It integrates into...
firezone
firezoneFirezone is an enterprise-grade zero-trust remote access platform built on WireGuard that provides peer-to-peer encrypted tunnels with fine-grained...
aquasecurity
trivy-actionTrivy Action is a GitHub Actions wrapper for Aqua Security's Trivy vulnerability scanner, enabling automated container image and artifact scanning...
gitleaks
gitleaksGitleaks is a specialized secrets detection tool that scans Git repositories and files for exposed credentials like API keys, passwords, and tokens...
Bearer
bearerBearer is an open-source static application security testing (SAST) tool that scans source code to identify security vulnerabilities and privacy...
trufflesecurity
trufflehogTruffleHog is a specialized secrets detection and validation tool that discovers, classifies, and analyzes leaked credentials across 800+ secret...
hahwul
dalfoxDalfox is a specialized XSS scanning and vulnerability testing tool written in Rust, designed for security professionals and bug bounty hunters who...
prowler-cloud
prowlerProwler is an open-source cloud security platform that automates security and compliance auditing across AWS, Azure, and GCP environments. It is...
bytebase
bytebaseBytebase is an open-source database DevOps platform that manages database schema changes through CI/CD pipelines, GitOps workflows, and collaborative...
infobyte
faradayFaraday is an open-source vulnerability management platform designed to centralize, aggregate, and normalize security scan data from multiple tools...
bunkerity
bunkerwebBunkerWeb is an open-source, cloud-native Web Application Firewall (WAF) built on NGINX that provides security-by-default protection for web...
sottlmarek
DevSecOpsA curated collection of open-source DevSecOps tools, methodologies, and resources organized by security stage (pre-commit, secrets, SAST, DAST,...
gravitl
netmakerNetmaker automates the creation and management of WireGuard-based virtual networks, enabling mesh VPNs, site-to-site connectivity, and remote access...
xonsh
xonshXonsh is a Python-powered shell that unifies shell scripting with Python syntax, enabling users to write cross-platform automation that seamlessly...
We5ter
Scanners-BoxScanners Box is a curated collection of 9,000+ open-source cybersecurity tools organized across 10+ categories, including AI-driven security agents,...
OWASP
wrongsecretsOWASP WrongSecrets is a deliberately vulnerable Java web application designed as a training tool for learning secrets management security. It...
akto-api-security
aktoAkto is an open-source API security platform that discovers APIs, maps security posture, and runs vulnerability tests with 1000+ built-in tests...
Showing 30 of 38
Weekly newsletter
Every Monday: the repos worth your attention, anomaly signals and deep AI analysis. No fluff, unsubscribe any time.