SMB and LDAP Protocol Scanners

This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessments and penetration testing. The repository distinguishes itself through a cross-platform payload taxonomy that categorizes exploitation methods by vulnerability type and target environment, enabling rapid lookup during security assessments. It maintains high standards of data integrity and collaborative growth by utilizing version-controlled knowledge management and template-driven content generation, ensuring that the research remains current and consistent across a wide range of technical domains. The project covers a broad capability surface, including detailed references for web application security, database injection, insecure deserialization, and AI model security testing. It also aggregates external resources, such as research papers and third-party tools, to provide a holistic view of modern threat analysis and defensive research. The documentation is organized as a hierarchical tree of markdown files, designed for easy navigation and reference during active security engagements.

This project is a community-curated directory of open-source tools and resources designed to assist system administrators with infrastructure management. It functions as a centralized knowledge base, providing a structured index of software and documentation that helps professionals discover solutions for automating, monitoring, and maintaining distributed computing environments. The repository distinguishes itself through a collaborative, community-driven structure that organizes a vast array of technical resources into a hierarchical taxonomy. By utilizing hyperlink-centric navigation, it directs users to external repositories and official documentation, ensuring that practitioners can easily locate high-quality utilities for specific operational domains. The entire collection is managed via a version-controlled system, which facilitates ongoing contributions and updates from the community. The directory covers a comprehensive range of infrastructure capabilities, including automated configuration management, deployment pipelines, and container orchestration. It also provides access to resources for identity and access control, performance monitoring, log management, and network service discovery. Beyond core infrastructure tasks, the collection includes tools for database administration, backup solutions, and project management. The project is maintained as a collection of markdown-based files, ensuring the documentation remains portable and easy to navigate.

This project is an automated security testing suite designed to detect and exploit database vulnerabilities. It functions as a command-line utility that streamlines the identification, verification, and exploitation of web application flaws by automating the injection of malicious payloads into input parameters. The tool provides a comprehensive framework for database enumeration, allowing users to extract schema information, user data, and system configurations from identified injection points. What distinguishes this tool is its sophisticated engine for dynamic payload adaptation and heuristic fingerprinting, which adjusts injection techniques in real-time based on server responses. It supports advanced post-exploitation capabilities, including remote command execution on the underlying host operating system and file system access through database-level vulnerabilities. To navigate restricted environments, the software incorporates out-of-band data exfiltration channels and a middleware pipeline for applying user-defined transformations to bypass security filters and web application firewalls. The suite covers a broad range of operational requirements, including stateful session management, anti-CSRF token handling, and extensive request customization. It supports various target specification methods, such as proxy log analysis and remote API management, while offering granular control over scan performance and detection thresholds. The software is distributed as a command-line application, with configuration management supported through external file loading and command-line arguments.

This project is a comprehensive cybersecurity tool collection designed to support security research, penetration testing, and vulnerability assessment. It functions as a unified penetration testing suite, providing a centralized environment where professionals can access a wide range of offensive security utilities to identify system weaknesses and study attack vectors. The platform distinguishes itself through a modular architecture that aggregates disparate security scripts into a single, hierarchical command-line interface. It simplifies the management of these utilities by integrating external repositories, allowing users to fetch and organize third-party tools directly into a structured local directory. By utilizing a categorized menu system and shell-based process execution, the suite enables efficient navigation and direct invocation of specialized tools for tasks ranging from forensic analysis and reverse engineering to exploit development. The toolkit covers a broad spectrum of security domains, including web and wireless attack vectors, cloud security, payload creation, and social media analysis. It also incorporates automated environment setup to handle the installation of necessary system packages and language runtimes, ensuring compatibility across its diverse collection of utilities.

Presto is a distributed SQL query engine designed for high-performance analytical processing across heterogeneous data sources. It functions as a data federation platform and massively parallel processing engine, allowing users to execute interactive queries against diverse storage systems without requiring data migration. By mapping remote metadata and structures to a unified relational namespace, it enables seamless cross-platform analysis through a standard SQL interface. The engine distinguishes itself through a pluggable connector architecture and a shared-nothing distributed processing model that coordinates tasks across worker nodes. It incorporates cost-based query optimization to rewrite execution paths based on table statistics and historical data, ensuring efficient resource utilization. To maintain stability during large-scale operations, the system features a memory-spilling execution engine that offloads intermediate results to disk when memory thresholds are exceeded. The platform provides extensive capabilities for multi-tenant resource management, allowing administrators to enforce concurrency, memory, and CPU limits through hierarchical resource grouping. It supports a wide range of analytical operations, including advanced windowing, geospatial processing, and probabilistic data structures for approximate statistics. Security is integrated through granular access control policies, role-based authentication, and encrypted communication across the cluster. Presto is implemented in Java and supports deployment via containerized instances or distributed cluster orchestration in Kubernetes environments.

Masscan is a command-line network scanner designed for large-scale discovery and infrastructure reconnaissance. It identifies open ports across specific network segments or the entire internet by probing vast address ranges with high efficiency. The tool functions as an asynchronous packet engine, bypassing standard operating system kernel networking stacks to transmit raw packets directly from application memory. The project distinguishes itself through a specialized architecture that manages millions of concurrent connections by separating packet transmission and reception into independent execution threads. It utilizes a stateless, index-based mathematical algorithm to randomize target selection, ensuring probes are distributed unpredictably across address spaces. To maintain consistent performance and prevent network congestion, the scanner employs a high-precision timer to regulate transmission rates and uses zero-copy buffer management to minimize memory overhead. The software provides a platform-agnostic interface for raw network access, allowing it to operate consistently across different hardware and operating system environments. It supports the export of collected reconnaissance data into structured formats such as XML, JSON, or plain text for further analysis. The application is distributed as a portable utility, with its core codebase maintained through standardized string handling and automated testing.

YunoHost is a self-hosted server management platform designed for deploying, configuring, and maintaining a suite of open source applications on a private server. It functions as a package-based application orchestrator that installs and updates software from a curated catalog using standardized deployment scripts. The platform features a centralized identity management system using a directory service to synchronize user accounts and credentials across hosted applications for single sign-on access. It includes an integrated reverse proxy to route network traffic to backend services based on domain names and an automated system for requesting and renewing security certificates to ensure encrypted connections. The system provides capabilities for hosting personal email services, managing domain name configurations, and securing network traffic via firewalls and intrusion prevention tools. It also includes a web-based administrative interface for managing server settings and a snapshot-based backup system to recover data and configurations. This management system can be deployed across hardware targets including ARM boards, x86 computers, virtual machines, and cloud servers.

The framework is a comprehensive penetration testing platform designed for the development, testing, and execution of security exploits. It serves as a research toolkit and automated assessment environment, enabling security professionals to identify and validate vulnerabilities within networked systems and infrastructure through repeatable, standardized procedures. The platform distinguishes itself through a modular architecture that supports reflective payload injection, allowing for the execution of code directly in memory without writing to disk. It utilizes an asynchronous event loop to manage high-performance, concurrent network connections and features a transport-agnostic communication layer that abstracts protocols to maintain persistent command and control. Users can extend the core functionality through a plugin system and define complex exploit logic using a domain-specific language. The framework provides robust capabilities for remote payload management, including the configuration of network settings like sleep intervals and timeout thresholds. It maintains state persistence across long-running sessions by storing discovered host information and vulnerability data in a relational database. The software is designed for cross-platform deployment, with installation support available for Linux, macOS, and Windows environments.

rustdesk-server is a self-hosted remote desktop server infrastructure designed to manage ID signaling and relay traffic for remote connections between peers. It provides the necessary backend environment to coordinate remote access sessions through rendezvous-based signaling and relay-based traffic forwarding. The system distinguishes itself with a remote access management console for organizing devices and enforcing security policies, as well as an identity integrator for OIDC-based federation and LDAP directory synchronization. It utilizes geolocation-aware routing to distribute traffic across multiple relay servers and employs UDP-based hole punching to establish direct peer-to-peer links by bypassing firewalls and NAT barriers. Broad capabilities include comprehensive identity and access management, automated client deployment and branding, and granular security controls such as IP filtering and session lifetime management. The server also supports real-time communication via WebSockets, audit logging, and the ability to host a web-based client. The infrastructure can be deployed as a server suite on Linux systems or via containerized deployment tools.

Apache JMeter is a Java-based performance testing tool and multi-protocol traffic simulator used to analyze the stability and scalability of servers and networks. It functions as a distributed load testing framework that coordinates remote worker nodes from a single controller to generate high volumes of concurrent traffic. The project is distinguished by its ability to simulate traffic across diverse backend systems, including HTTP, JDBC, LDAP, JMS, FTP, and TCP. It provides a headless command-line interface for automated execution and a reporting system that transforms raw sample logs into analytical dashboards featuring APDEX scores and response time percentiles. The framework covers a broad set of capabilities for test engineering, including browser traffic recording, data parameterization via external files, and response validation. It includes utilities for data extraction using JSONPath, XPath, and regular expressions, as well as traffic management tools for throughput throttling and connection emulation. Extensibility is supported through a plugin-based architecture that allows for the development of custom samplers, GUI components, and the integration of custom Java code or scripting languages.

This project is a command-line utility designed to benchmark and optimize network connectivity by identifying the fastest available content delivery network nodes. It performs concurrent latency probing and speed testing across large pools of IP addresses to evaluate real-world performance based on your specific geographic location and network environment. Beyond simple benchmarking, the tool functions as an automated configuration manager that synchronizes your network settings with the best-performing endpoints discovered during testing. It integrates with external DNS management services to update domain records and can modify local system files or generate configuration files for domain resolution services to ensure traffic is consistently routed through optimized paths. The software also includes capabilities for local network acceleration by spawning a lightweight proxy server that prioritizes high-speed connections. Users can customize the evaluation criteria, such as latency thresholds or packet loss limits, through command-line arguments to tailor the performance analysis to their specific requirements.

Kanidm is a centralized identity management server designed to handle authentication, authorization, and directory services across distributed infrastructure. It provides a comprehensive framework for managing human and service accounts, utilizing a schema-driven database to store identity records, group memberships, and system attributes. The platform supports a wide range of authentication methods, including passkeys, passwords, and standard protocols like OAuth2, OIDC, LDAP, and RADIUS. The system distinguishes itself through a granular access control engine that enforces security policies based on user, group, and resource attributes. It incorporates advanced security features such as privilege access mode enforcement, which requires reauthentication for sensitive operations, and high-privilege group tainting to prevent lateral movement. Administrators can delegate management tasks for specific entries or groups, ensuring that permissions remain tightly scoped while maintaining operational flexibility. Beyond core identity functions, the platform includes robust tools for system maintenance, including automated backup scheduling, database consistency verification, and multi-node replication to ensure high availability. It also provides deep integration with host operating systems through pluggable authentication modules and supports infrastructure access provisioning by managing SSH keys and POSIX attributes. The project provides a suite of command-line utilities for administrative tasks, session management, and server configuration. Documentation and installation resources are available to guide the deployment of the server and its associated client tools.

This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity practitioners. By mapping resources across offensive security, infrastructure management, and software development, it offers a unified path for skill acquisition and professional reference. The project is defined by a command-line-first design philosophy, prioritizing terminal-based utilities and scriptable interfaces to facilitate efficient system administration and repeatable security workflows. It distinguishes itself through a platform-agnostic approach, maintaining documentation and operational guides that remain applicable across diverse Unix-like and cloud-based environments. This modular toolchain integration allows users to compose custom environments tailored to specific administrative or security tasks. The repository covers a broad capability surface, including comprehensive toolkits for system auditing, network management, and infrastructure hardening. It provides structured learning paths for cybersecurity skill development, ranging from ethical hacking labs and penetration testing standards to vulnerability assessment and system configuration best practices. The collection also encompasses a wide array of productivity tools, diagnostic utilities, and educational materials designed to streamline routine maintenance and enhance overall security posture.

This project is a comprehensive reference collection of practical implementation examples and patterns for building applications with Spring Boot. It serves as a Java web application template and a showcase for developing functional web services featuring REST endpoints, template engines, and global exception handling. The repository distinguishes itself by providing detailed demonstrations of enterprise-grade features, including distributed locking, task scheduling, and asynchronous message exchange using brokers like RabbitMQ. It also includes reference implementations for automated API documentation and a variety of data integration patterns. The project covers a broad range of capability areas, including enterprise authentication and security via JWT, LDAP, and third-party providers. It demonstrates extensive data storage integration across relational databases with sharding and multi-datasource routing, as well as NoSQL stores such as MongoDB, Redis, and Elasticsearch. Additional coverage includes real-time bidirectional communication systems, monitoring and observability tools, and traffic management through local and distributed rate limiting.

AdGuardHome is a network-wide software solution that provides centralized control over domain name resolution, content filtering, and local network management. It functions as a recursive DNS server and DHCP address server, intercepting network traffic to enforce security policies and block unwanted content across all connected devices. By acting as a central gateway, it ensures that every device on a home or office network benefits from consistent protection and private, authenticated name resolution. The software distinguishes itself through granular client management and robust security features. It automatically identifies connected hardware to provide detailed traffic statistics and allows for the application of custom filtering rules to specific devices or groups. To ensure privacy, it supports encrypted DNS protocols, including DNS-over-HTTPS and DNS-over-TLS, and automates the acquisition and renewal of SSL certificates. Administrators manage these settings through a centralized web-based dashboard, which also provides tools for monitoring performance and configuring upstream routing. The platform is designed for flexible deployment across diverse environments, including virtual servers, single-board computers, and isolated containers. It maintains system state through human-readable configuration files and supports non-privileged execution to enhance security. The project emphasizes integrity and reliability, offering reproducible build verification and standardized packaging for various operating systems and hardware architectures.

Ethical-Hacking-Labs is a comprehensive cybersecurity training curriculum and lab suite designed for learning penetration testing, network analysis, and offensive security techniques. It provides a structured environment for practicing the full attack lifecycle, from initial reconnaissance and scanning to exploitation and post-compromise analysis. The project provides instructional materials and guided exercises that cover specific technical domains, including open source intelligence research and network security courseware. It includes a practical workbook for identifying system vulnerabilities and practicing credential cracking and privilege escalation. The suite covers a broad range of security capabilities, including network scanning, vulnerability assessment, and traffic analysis. It also includes utilities for credential access through hash cracking, open source intelligence gathering, and the simulation of attack vectors using malicious payloads. The labs utilize virtualization environment setup to deploy pre-configured security distribution images within isolated virtual networks.

This application is a desktop network traffic analyzer that provides real-time monitoring and forensic inspection of data packets. By interfacing directly with low-level system drivers, it captures raw network traffic from physical or virtual adapters to identify communication patterns, track bandwidth usage, and diagnose connectivity issues. The system distinguishes itself through an immediate-mode graphical interface that rebuilds the display state every frame, ensuring high responsiveness during live data updates. It maintains performance by using asynchronous message passing to decouple the packet capture engine from the rendering thread. To provide context for network activity, the application performs real-time enrichment through high-speed database lookups, enabling features like autonomous system identification, host location mapping, and reverse DNS resolution. Beyond basic monitoring, the tool includes comprehensive diagnostic and security capabilities. Users can apply granular traffic filtering, manage alert conditions for specific network events, and utilize automated threat detection to identify and block suspicious connections. The software also supports the recording of traffic data into standard file formats for offline analysis and provides configuration options for operation within isolated containerized environments.

Curl is a command-line tool and portable library for transferring data across a wide range of network protocols. It functions as a unified engine that abstracts diverse communication standards, allowing users and developers to move files and information between servers using a consistent interface. The project provides both a versatile command-line client for terminal-based automation and a stable programmatic interface for integrating complex network operations into applications. The system is distinguished by its protocol-agnostic core and its ability to manage both synchronous and asynchronous network transfers. It features a non-blocking event loop that enables multiple simultaneous transfers within a single thread, alongside a connection pooling mechanism that reuses network sockets to minimize latency. Security is a primary focus, implemented through a pluggable architecture that supports various cryptographic backends, native certificate store integration, and comprehensive authentication mechanisms for protected resources. Beyond core data movement, the project includes extensive support for modern networking standards, including HTTP/3, WebSockets, and MQTT. It offers sophisticated state management through a built-in cookie engine and provides granular control over request headers, URL construction, and batch processing. These capabilities are supported by robust debugging tools that allow for the inspection of raw request and response data during development. The project is distributed with standard configuration scripts and package management support to facilitate integration into diverse build environments.

LOLBAS is a curated database and knowledge base of signed Windows binaries that can be misused to bypass security restrictions and execute unauthorized code. It serves as a technical registry that maps trusted system files to their functional capabilities and the offensive tactics they enable. The project distinguishes itself by providing a capability-driven indexing system and a tactics registry that relates legitimate binary functionality to known security evasion techniques. It includes an association layer that links specific system binaries to attack patterns and tactical objectives, providing a reference for security research and threat detection engineering. The project covers a wide range of operational capabilities, including code execution via signed proxies, credential theft and exfiltration, and defense evasion through the use of alternate data streams. It also encompasses tools for file management, network communication, and the creation of detection signatures to identify abnormal execution patterns of trusted binaries. The binary data is available for export in JSON, CSV, and YAML formats to facilitate integration with external security tools.