A collection of various awesome lists for hackers, pentesters and security researchers

An open-source x64/x32 debugger for windows.

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

Fast, multi-platform web server with automatic HTTPS

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Security Guide for Developers (实用性开发人员安全须知)

Set up a personal VPN in the cloud

SQL powered operating system instrumentation, monitoring, and analytics.

Guide to securing and improving privacy on macOS

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.

List of Computer Science courses with video lectures.

Checklist of the most important security countermeasures when designing, testing, and releasing your API

Scripts to build your own IPsec VPN server, with IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

UNIX-like reverse engineering framework and command-line toolset

How to improve NGINX performance, security, and other important things.

Source code for Hacker101.com - a free online web and mobile security class.

⚙️ NGINX config generator on steroids 💉

An evolving how-to guide for securing a Linux server.

Tink is a multi-language, cross-platform, open source library that provides cryptographic APIs that are secure, easy to use correctly, and hard(er) to misuse.

This is a collection of tutorials for learning how to use Docker with various tools. Contributions welcome.

Free cross-platform password manager compatible with KeePass

The Rogue Access Point Framework

OAuth2 Server and OpenID Certified™ OpenID Connect Provider written in Go - cloud native, security-first, open source API security for your infrastructure. SDKs for any language.

DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)

Secure Access for Developers that doesn't get in the way.

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

OpenZeppelin Contracts is a library for secure smart contract development.

A free & open modern, fast email client with user-friendly encryption and privacy features