The pentester's Swiss knife

vulnerability scanner

nuclei: A fast and customisable vulnerability scanner

Nuclei Nuclei is a fast vulnerability scanner designed to probe modern applications, infrastructure, cloud platforms, and networks, aiding in the identification and mitigation of exploitable vulnerabilities. At its core, Nuclei uses templates—expressed as straightforward...

Security Scorecards

Security Scorecards: OSS Security Scorecards

Security Scorecards Goals Automate analysis and trust decisions on the security posture of open source projects. Use this data to proactively improve the security posture of the critical projects the world depends on. Checks...

code comprehensive analysis platform

Code Analysis: code comprehensive analysis platform

What is TCA Tencent Cloud Code Analysis (TCA for short, code-named CodeDog inside the company early) is a code comprehensive analysis platform, which includes three components: server, web, and client. It supports the integration...

hex editor

rehex: Reverse Engineers’ Hex Editor

Reverse Engineers’ Hex Editor A cross-platform (Windows, Linux, Mac) hex editor for reverse engineering, and everything else. Features Large (1TB+) file support Decoding of integer/floating point value types Inline disassembly of machine code Highlighting...

cloud infrastructure attack

cloudfox: find exploitable attack paths in cloud infrastructure

CloudFox CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s an open-source command line tool created to help penetration testers and other offensive security professionals find exploitable attack paths in cloud infrastructure....