A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

The agent harness performance optimization system. Skills, instincts, memory, security, and research-first development for Claude Code, Codex, Opencode, Cursor and beyond.

A collection of various awesome lists for hackers, pentesters and security researchers

List of Computer Science courses with video lectures.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

The trust-minimized, zero-knowledge bridging protocol, designed for censorship resistance, extremely high security, and usage in decentralized finance.

Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

React-based framework with performance, scalability, and security built in.

Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.

An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: PGVector, Faiss. Any Files. Anyway you want.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

Comfortably monitor your Internet traffic 🕵️‍♂️

🕵️‍♂️ All-in-one OSINT tool for analysing any website

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Set up a personal VPN in the cloud

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

The official NGINX Open Source repository.

循序渐进，学习Spring Boot、Spring Boot & Shiro、Spring Batch、Spring Cloud、Spring Cloud Alibaba、Spring Security & Spring Security OAuth2，博客Spring系列源码：https://mrbird.cc

⚙️ NGINX config generator on steroids 💉

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.

Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

Proxmox VE Helper-Scripts (Community Edition)

The Single Sign-On Multi-Factor portal for web apps, now OpenID Certified™

OpenZeppelin Contracts is a library for secure smart contract development.

A lightweight alternative to OpenClaw that runs in containers for security. Connects to WhatsApp, Telegram, Slack, Discord, Gmail and other messaging apps,, has memory, scheduled jobs, and runs directly on Anthropic's Agents SDK

KeePassXC is a cross-platform community-driven port of the Windows application “KeePass Password Safe”.

An evolving how-to guide for securing a Linux server.