An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

Shannon Lite is an autonomous, white-box AI pentester for web applications and APIs. It analyzes your source code, identifies attack vectors, and executes real exploits to prove vulnerabilities before they reach production.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

🕵️‍♂️ All-in-one OSINT tool for analysing any website

Find secrets with Gitleaks 🔑

Infisical is the open-source platform for secrets, certificates, and privileged access management.

Find, verify, and analyze leaked credentials

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

Loads environment variables from .env for nodejs projects.

🤖 The Modern Port Scanner 🤖

Daemon to ban hosts that cause multiple authentication errors

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Fully autonomous AI Agents system capable of performing complex penetration testing tasks

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。(An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning)

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Scapy: the Python-based interactive packet manipulation program & library.

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices