A tool to automatically build a dependency graph and Software Bill of Materials (SBOM) for packages and arbitrary source code repositories.

A tool for SigOver, signal overshadowing attack on the LTE broadcast signals in physical domain.

Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood

I can't seem to upload .md files on WordPress, so this will have to do.

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

The VESC motor control firmware

Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)

Fast passive subdomain enumeration tool.

dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.

A simple sign made out of PCB material to indicate if a surface is still hot

Google Chrome extension that prevents the blocking of pasting into input fields

Because TweetDeck is a mess at times.

Covenant is a collaborative .NET C2 framework for red teamers.

Any presentation we've given at FortyNorth Security

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

a recon tool that finds sensitive data inside the screenshots uploaded to prnt.sc

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Wordlist generator

A Tool for Domain Flyovers

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

GNU Radio Android Toolchain

Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.

A quick reference for understanding the nature and severity of vulnerabilities in TLS configurations and implementations.

⚡ Transfer files over wifi from your computer to your mobile device by scanning a QR code without leaving the terminal.

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Learning to See in the Dark. CVPR 2018

Fast web fuzzer written in Go

retrieve information via O365 and AzureAD with a valid cred

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be r…

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.