The official GitHub mirror of the Chromium source

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Keybase Go Library, Client, Service, OS X, iOS, Android, Electron

INACTIVE - HTTP Holder-Of-Key Authentication Scheme

Mozilla's digital signature service

Convert an APK to an Android Studio Project using multiple open-source decompilers

Cloud Security Posture Management (CSPM)

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…

An open source, portable, easy to use, readable and flexible TLS library, and reference implementation of the PSA Cryptography API. Releases are on a varying cadence, typically around 3 - 6 months …

🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

Android backup extractor

Hardware-based attestation / intrusion detection app for Android devices. It provides both local verification with another Android device via QR codes and optional scheduled server-based verificati…

Example app that parses and displays a keystore attestation

This repository contains several applications, demonstrating the Meltdown bug.

Docs and resources on CPU Speculative Execution bugs

Meltdown/Spectre PoC src collection.

Example of using revealed "Spectre" exploit (CVE-2017-5753 and CVE-2017-5715)

Code snippets and tutorials for working with social science data in PySpark

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Keybase Filesystem (KBFS)

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Neural Network Libraries

Symbolic execution tool

An automated, modular cryptanalysis tool; i.e., a Weapon of Math Destruction

Apache Spark - A unified analytics engine for large-scale data processing

Example code from Learning Spark book

Linux kernel source tree

Event bus for Android and Java that simplifies communication between Activities, Fragments, Threads, Services, etc. Less code, better quality.

A declarative API to handle Android runtime permissions.

Autonomous smartphone app. Capable of self-compilation, mutation, and viral spreading. World-first proof-of-principle to bypass Internet kill switches.