This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

A curated list of tools for incident response

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know.

⭐️ A curated list of awesome forensic analysis tools and resources

Automate the creation of a lab environment complete with security tooling and logging best practices

IntelOwl: manage your Threat Intelligence at scale

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

753+ structured cybersecurity skills for AI agents · MITRE ATT&CK mapped · agentskills.io open standard · Works with Claude Code, GitHub Copilot, OpenAI Codex CLI, Cursor, Gemini CLI & 20+ platforms · Penetration testing, DFIR, threat intel, cloud security & more · Apache 2.0

TheHive is a Collaborative Case Management Platform, now distributed as a commercial version

Loki - Simple IOC and YARA Scanner

Rapidly Search and Hunt through Windows Forensic Artefacts

Collaborative forensic timeline analysis

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

A repository of sysmon configuration modules

YARA signature and IOC database for my scanners and tools

Windows Events Attack Samples

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

A list of cyber-chef recipes and curated links

Your Everyday Threat Intelligence

VirusTotal Wanna Be - Now with 100% more Hipster

Educational, CTF-styled labs for individuals interested in Memory Forensics

You didn't think I'd go and leave the blue team out, right?

A curated knowledge base to build, run and mature a SOC (including CSIRT).

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Open source security data lake for threat hunting, detection & response, and cybersecurity analytics at petabyte scale on AWS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)