A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

Coding articles to level up your development skills

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

An evolving how-to guide for securing a Linux server.

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Community guide to securing and improving privacy on macOS.

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2026

Security Guide for Developers

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Short CSS code snippets for all your development needs

Train your AI self, amplify you, bridge the world

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, covering topics such as Network+, Security+, Linux, Python, Traffic Analysis, Git, ELK, AWS, Azure, and Hacking. The repository also includes a `LEARN.md

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

一款内网综合扫描工具，方便一键自动化、全方位漏扫扫描。(An intranet comprehensive scanning tool, enabling one-click automated, all-round vulnerability scanning)

面向开发人员梳理的代码安全指南

🐶 A curated list of Web Security materials and resources.

Prevents you from committing secrets and credentials into git repositories

A curated collection of common interview questions to help you prepare for your next interview.

How to systematically secure anything: a repository about security engineering

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.

Spring Security

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

A collection of android security related resources

A Kubernetes controller and tool for one-way encrypted Secrets

Short Python code snippets for all your development needs

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

Protect your SSH keys with your Mac's Secure Enclave

A command line tool that recreates the famous data decryption effect seen in the 1992 movie Sneakers.

top #1 and most feature rich GPT wrapper for git — generate commit messages with an LLM in 1 sec — works with Claude, GPT and every other provider, supports local Ollama models too