I use the 1Password password manager for saving all my passwords, various other credentials and private notes, and it has been a lifesaver thus far. Having a unique password for all my accounts and using 2FA wherever available means I should be quite safe in case any of my accounts gets breached or the password gets leaked.
Lynis - Security auditing and hardening tool, for UNIX-based systems.
SeKey - Use Touch ID / Secure Enclave for SSH Authentication.
SOPS - Editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault and PGP.
ClusterFuzz - Scalable fuzzing infrastructure which finds security and stability issues in software.
RAMBleed - Reading Bits in Memory Without Accessing Them.
Sliver - General purpose cross-platform implant framework that supports C2 over Mutual-TLS, HTTP(S), and DNS.
Infosec_Reference - Information Security Reference That Doesn't Suck.
Messaging Layer Security (MLS) - Security layer for encrypting messages in groups of size two to many.
Molasses - Rust implementation of the Messaging Layer Security group messaging protocol.
mkcert - Simple zero-config tool to make locally trusted development certificates with any names you'd like.
Boulder - ACME-based CA, written in Go.
HoneyTrap - Extensible and open source system for running, monitoring and managing honeypots.
Flan Scan - Lightweight network vulnerability scanner.
Hardenize - Meet the new standard for network and security configuration monitoring.
american fuzzy lop - Security-oriented fuzzer.
Pwnagotchi - Deep Reinforcement Learning instrumenting bettercap for WiFi pwning.
camo - HTTP proxy to route images through SSL. Making insecure assets look secure.
Vault - Tool for secrets management, encryption as a service, and privileged access management.
OSS-Fuzz - Continuous Fuzzing for Open Source Software.
crunchy - Finds common flaws in passwords. Like cracklib, but written in Go.
Dispatch - All of the ad-hoc things you're doing to manage incidents today, done for you, and much more.
Sublist3r - Fast subdomains enumeration tool for penetration testers.
Awesome Zero trust - Curated collection of awesome resources for the zero-trust security model.
vaulted - Spawning and storage of secure environments.
Destructive Farm - Exploit farm for attack-defense CTF competitions.
Panther - Cloud-native platform for detecting threats with log data, improving cloud security posture, and conducting investigations.
bettercap - Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
security.txt - Proposed standard which allows websites to define security policies.
lego - Let's Encrypt client and ACME library written in Go.
hashcat - World's fastest and most advanced password recovery utility.
Brim - Open source desktop application for security and network specialists.
testssl.sh - Command line tool which checks a server's service on any port for the support of TLS/SSL ciphers, protocols as well as some cryptographic flaws.
AFL++ - Fuzzing framework.
Awake Security - Advanced Network Traffic Analysis Solution.
OpenSC - Open source smart card tools and middleware.
SnapPass - Share passwords securely.
The SSO Wall of Shame - List of vendors that treat single sign-on as a luxury feature, not a core security requirement.