30 open-source projects similar to bad-antics/nullsec-linux, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Nullsec Linux alternative.
Commando VM is a Windows-based penetration testing distribution and offensive security virtual machine. It serves as a toolset manager for deploying and maintaining a curated collection of security tools, scripts, and configurations designed for security auditing, red teaming, and adversary simulation. The project automates the provisioning of a specialized workstation by using PowerShell scripts and a modular repository to orchestrate the installation of offensive security software. It utilizes a community-driven package manager to handle dependency resolution and binary installations, ensur
Harden-Windows-Security is a security hardening tool and framework designed to reduce the attack surface of the Windows operating system through policy enforcement. It provides a collection of security presets and templates to implement official hardening standards across multiple devices. The project distinguishes itself through a comprehensive execution control system, featuring a manager for Windows Application Control and a kernel protection suite. It implements strict trust models, including kernel-mode driver whitelisting, signed policy implementation on the EFI partition, and code inte
Commando-VM is a Windows penetration testing distribution and offensive security toolkit. It provides a specialized virtual machine environment loaded with a curated suite of security auditing and exploitation tools designed for red teaming operations. The project facilitates the creation of red team infrastructure and security audit environments. It focuses on windows security auditing and penetration testing to help simulate adversary behavior and identify exploitable security flaws. The environment is established through script-based provisioning and modular toolset deployment. This proce
AFL++ is a coverage-guided fuzzing framework that discovers crashes and hangs in software by mutating inputs while tracking which code paths are exercised. It functions as both a fuzzing engine and a campaign manager, supporting targets with or without source code through compile-time instrumentation, dynamic binary instrumentation, and emulation. The framework includes tools for crash triage and analysis, test case minimization, and campaign deployment across local or distributed environments. The framework distinguishes itself through its breadth of instrumentation backends, allowing users
This tool generates age X25519 identity with a recipient that has a specified prefix. The output is identical to age-keygen.
Easily configure macOS security settings from the terminal.
This project is a community-driven directory that serves as a comprehensive index of command-line tools, frameworks, and resources. It functions as a curated knowledge base designed to help users discover software for enhancing terminal environments and streamlining daily development tasks. The collection is maintained through an open-source contribution model, where community members manually verify and organize resources into structured categories. This collaborative approach ensures the directory remains a reliable reference for finding specialized utilities, alternative shell implementati
In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains:
Rust web fuzzer - async/await, Tokio, directory brute-force
BeEF is a modular security testing environment designed for browser exploitation and web application auditing. It functions as a platform for security professionals to evaluate client-side defenses by injecting persistent scripts into web browsers, establishing a bidirectional communication channel for remote command execution and data exfiltration. The framework distinguishes itself through its ability to use compromised browser sessions as proxies to conduct internal network reconnaissance, effectively bypassing perimeter security controls. It utilizes an event-driven control interface and
Probable-Wordlists is a collection of curated data resources providing password frequency lists, character masks, and common identity identifiers for security research. These resources serve as credential analysis tools to identify popular password trends and support the creation of secure credentials. The project provides password frequency wordlists and security research wordlists, including common usernames and top-level domains. It includes password recovery datasets featuring character masks and rule sets designed to analyze vulnerability patterns. The repository covers a broad range of
Krawl is a customizable, lightweight, cloud-native web deception server and anti-crawler that creates fake web applications with low-hanging vulnerabilities using realistic, randomly generated decoy data and AI-generated HTML templates.
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
Download CSET For Windows: CSET 10.1 Standalone Installer
DetectionLab is a reproducible Windows Active Directory security lab designed for testing detection capabilities. It uses an automation framework based on Vagrant and Packer to provision virtualized networks across multiple hypervisors and cloud platforms. The project utilizes Ansible for the declarative installation and configuration of domain services and endpoint security tools. It incorporates a browser-based remote access interface via Apache Guacamole to manage laboratory hosts without requiring standalone remote desktop clients. The environment includes a telemetry pipeline that aggre
RFSec-ToolKit is a collection of Radio Frequency Communication Protocol Hacktools.无线通信协议相关的工具集,可借助SDR硬件+相关工具对无线通信进行研究。Collect with ♥ by HackSmith
Commix is an automated tool for detecting and exploiting OS command injection vulnerabilities in web applications. It probes user-supplied input vectors with heuristic test payloads, analyzes response differences to identify injection points, and then automates the execution of arbitrary operating system commands on the target server. The tool distinguishes itself through a multi-layer filter bypass engine that evaluates input constraints independently per filter type and composes tailored evasion strategies into a single payload. A modular payload tamper pipeline transforms raw injection str
DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
Red Team Toolkit - A curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.
OWASP PTK - application security browser extension.
This project is a PowerShell-based post-installation automation suite and configuration manager designed to optimize Windows 10 and Windows Server deployments. It functions as a system optimization tool that applies idempotent tweaks to ensure an operating system reaches a specific desired state after a fresh installation. The tool distinguishes itself through the use of preset-based task orchestration and a modular tweak library. It allows for the definition of custom setup presets via external files and supports the extension of its capabilities through the import of custom modules. Every s
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
This project is a centralized, open-access repository that serves as a structured directory for technical education and professional development. It functions as a community-driven knowledge base, aggregating high-quality learning materials to support global accessibility to computer science and software engineering resources. The platform distinguishes itself through a collaborative governance model that utilizes peer-reviewed workflows for all content additions and modifications. By leveraging structured text files and decentralized version control, the repository maintains a searchable, hu
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.