30 open-source projects similar to cn0xroot/rfsec-toolkit, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best RFSec ToolKit alternative.
This project is a comprehensive educational framework and curriculum designed to transition beginners into proficient security engineers. It provides a self-taught hacking curriculum centered on mastering system internals, programming, and attack techniques through structured pedagogical paths and recursive learning. The framework distinguishes itself by integrating a productivity system specifically for engineers, which combines block-based time scheduling and incremental task management to prevent burnout and overcome procrastination. It further connects technical growth to professional adv
AFL++ is a coverage-guided fuzzing framework that discovers crashes and hangs in software by mutating inputs while tracking which code paths are exercised. It functions as both a fuzzing engine and a campaign manager, supporting targets with or without source code through compile-time instrumentation, dynamic binary instrumentation, and emulation. The framework includes tools for crash triage and analysis, test case minimization, and campaign deployment across local or distributed environments. The framework distinguishes itself through its breadth of instrumentation backends, allowing users
This tool generates age X25519 identity with a recipient that has a specified prefix. The output is identical to age-keygen.
Easily configure macOS security settings from the terminal.
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
Toolkit to emulate firmware and analyse it for security vulnerabilities
In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains:
🐧 Security-focused Linux distribution with 140+ tools, custom kernel 6.17.13, AI assistant | 5 editions | Cloud, AI/ML, Automotive, Hardware hacking
Rust web fuzzer - async/await, Tokio, directory brute-force
BeEF is a modular security testing environment designed for browser exploitation and web application auditing. It functions as a platform for security professionals to evaluate client-side defenses by injecting persistent scripts into web browsers, establishing a bidirectional communication channel for remote command execution and data exfiltration. The framework distinguishes itself through its ability to use compromised browser sessions as proxies to conduct internal network reconnaissance, effectively bypassing perimeter security controls. It utilizes an event-driven control interface and
Probable-Wordlists is a collection of curated data resources providing password frequency lists, character masks, and common identity identifiers for security research. These resources serve as credential analysis tools to identify popular password trends and support the creation of secure credentials. The project provides password frequency wordlists and security research wordlists, including common usernames and top-level domains. It includes password recovery datasets featuring character masks and rule sets designed to analyze vulnerability patterns. The repository covers a broad range of
This project is a community-driven directory that serves as a comprehensive index of command-line tools, frameworks, and resources. It functions as a curated knowledge base designed to help users discover software for enhancing terminal environments and streamlining daily development tasks. The collection is maintained through an open-source contribution model, where community members manually verify and organize resources into structured categories. This collaborative approach ensures the directory remains a reliable reference for finding specialized utilities, alternative shell implementati
Krawl is a customizable, lightweight, cloud-native web deception server and anti-crawler that creates fake web applications with low-hanging vulnerabilities using realistic, randomly generated decoy data and AI-generated HTML templates.
Lonkero - Wraps around your attack surface. Professional-grade scanner for real penetration testing. Fast. Modular. Rust.
DetectionLab is a reproducible Windows Active Directory security lab designed for testing detection capabilities. It uses an automation framework based on Vagrant and Packer to provision virtualized networks across multiple hypervisors and cloud platforms. The project utilizes Ansible for the declarative installation and configuration of domain services and endpoint security tools. It incorporates a browser-based remote access interface via Apache Guacamole to manage laboratory hosts without requiring standalone remote desktop clients. The environment includes a telemetry pipeline that aggre
Commix is an automated tool for detecting and exploiting OS command injection vulnerabilities in web applications. It probes user-supplied input vectors with heuristic test payloads, analyzes response differences to identify injection points, and then automates the execution of arbitrary operating system commands on the target server. The tool distinguishes itself through a multi-layer filter bypass engine that evaluates input constraints independently per filter type and composes tailored evasion strategies into a single payload. A modular payload tamper pipeline transforms raw injection str
DNS spoofer. Drops DNS responses from the router and replaces it with the spoofed DNS response
Red Team Toolkit - A curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.
OWASP PTK - application security browser extension.
This project is a centralized, open-access repository that serves as a structured directory for technical education and professional development. It functions as a community-driven knowledge base, aggregating high-quality learning materials to support global accessibility to computer science and software engineering resources. The platform distinguishes itself through a collaborative governance model that utilizes peer-reviewed workflows for all content additions and modifications. By leveraging structured text files and decentralized version control, the repository maintains a searchable, hu
a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE
Brute-force a JWT HS256, HS384 or HS512 from your browser (online)
Sn1per is a vulnerability management platform and penetration testing orchestrator designed to automate reconnaissance, vulnerability scanning, and exploit verification. It functions as a dockerized security toolkit that coordinates multiple tools into a unified automated pipeline to identify security flaws across network and web assets. The platform features an attack surface manager for discovering internet-facing assets through OSINT, DNS enumeration, and certificate transparency. It distinguishes itself with an AI-powered security analyzer that uses large language models to summarize scan