AI Summary: OneDorkForAll is an extensive compilation of Google dorks sourced from platforms such as Google, Shodan, and GitHub, specifically aimed at cybersecurity professionals and bug bounty hunters. It encompasses over 1 million dorks related to various vulnerabilities including LFI, SQL injection, and XSS, as well as job search techniques, and includes sensitive data reconnaissance methods for exposed configuration files, directories, and database files. Notably, it also includes dark web dorks for educational purposes, promoting responsible use of the information provided.

AI Summary: onedrive_user_enum is a tool designed for enumerating valid OneDrive users by leveraging the HTTP response codes from file share URLs. Its primary use case is passive user enumeration, which avoids direct login attempts, making it less detectable by the target organization. Notable features include options for remote logging to MySQL, local SQLite database support, user list truncation, and mechanisms for de-duplication and user list management.

README

onedrive_user_enum v2.10

enumerate valid onedrive users

AI Summary: OneListForAll is a web fuzzing tool that generates a variety of curated wordlists for penetration testing, focusing on efficiency and organization. Its notable features include automated synchronization of multiple source repositories, categorization of wordlists into short and long versions, deduplication, and a streamlined CLI for pipeline management. The tool consolidates wordlists into manageable files, supporting broad use cases from local fuzzing to advanced vulnerability assessments.

README

OneListForAll

Wordlists for web fuzzing: curated micro, categorized short/long, and combined final lists.

AI Summary: OnionSearch is a Python3 script designed for scraping URLs from various “.onion” search engines, facilitating access to hidden services on the Tor network. It supports multiple search engines and features options for proxy configuration, output file management, and multi-processing capabilities to enhance scraping efficiency. The tool is intended for educational use, enabling users to perform searches with customizable parameters while maintaining optimal performance.

README

OnionSearch

👋 Hi there! For any professional inquiries or collaborations, please reach out to me at: megadose@protonmail.com

AI Summary: Open Semantic Search is an integrated search server and ETL framework designed for comprehensive document processing, including crawling, text extraction, text analysis, and named entity recognition—fully supporting various search functionalities such as fulltext, faceted, exploratory, and knowledge graph searches. Notable features include Docker container support, the ability to generate search user interfaces, and extensive automated testing capabilities, enabling seamless integration and deployment. This tool is particularly valuable for organizations needing robust, customizable search solutions across diverse data types and sources.

AI Summary: The Open Source Security Guide serves as a comprehensive resource for enhancing the security of systems and networks by providing tutorials, standards, and tools relevant to open-source security practices. It includes sections on security certifications, threat models, and various security frameworks, along with a curated list of tools and resources to improve security operations. Notably, it aims to foster a collaborative environment for sharing best practices and advancing security through community initiatives.

AI Summary: open-appsec is a machine learning-based web application and API threat protection tool designed to guard against OWASP Top 10 vulnerabilities and zero-day attacks. It employs a dual-phase evaluation process using both supervised and unsupervised models to intelligently assess the legitimacy of HTTP requests based on user interaction patterns and predefined attack indicators. Notable features include support for deployment on Linux, Docker, and Kubernetes environments, along with flexible management options through declarative configuration, Helm charts, and a SaaS web interface.

AI Summary: openblack is an open-source reimplementation of the classic game “Black & White” (2001), developed using modern C++ and contemporary rendering technologies like OpenGL and Vulkan. This tool primarily serves to allow users to experience the original gameplay while requiring the original game assets for operation. Noteworthy features include pre-built binaries for multiple platforms, including Windows, Linux, and macOS, along with experimental builds for additional architectures and devices.

README

openblack

AI Summary: OpenCVE is a Vulnerability Intelligence Platform designed to efficiently monitor and manage Common Vulnerabilities and Exposures (CVEs). It provides features such as aggregation from multiple sources, customizable filtering, alert subscriptions, and collaboration tools for tracking CVE progress within teams. Notable functionalities include AI-driven enrichment, customizable dashboards, and detailed reporting capabilities to streamline vulnerability management processes.

README

What is OpenCVE?

OpenCVE is a Vulnerability Intelligence Platform that helps you monitor and manage CVEs efficiently.

AI Summary: opendbc is a Python API designed for interacting with automotive systems, enabling the control of vehicle functions such as steering, gas, and brakes, as well as reading vehicle data like speed and steering angle. Its primary use case is to facilitate the development and integration of advanced driver-assistance systems (ADAS) using the openpilot platform, while also expanding into broader automotive management capabilities. Notable features include support for parsing and building CAN messages via DBC files, a repository of compatible vehicle models, and a structured approach for adding new vehicle support and functionalities.

AI Summary: OpenHaystack is a framework designed for tracking personal Bluetooth devices through Apple’s Find My network, enabling users to create custom tracking tags for various physical objects. It utilizes a macOS application and custom firmware for Bluetooth devices, allowing them to be discoverable by nearby iPhones that can report their location without requiring cellular coverage. Notably, OpenHaystack leverages reverse-engineering and security analysis of Apple’s offline finding features, though it remains experimental and untested.

AI Summary: OpenPods is a free and open-source Android application designed for monitoring Apple AirPods connectivity and status. It features real-time notifications for connected AirPods, privacy-respecting functionality, and support for a dark theme, while being compatible with multiple generations of AirPods and Beats headphones. The tool explicitly violates Google Play policies, hence it is not intended for distribution on that platform.

README

OpenPods

The Free and Open Source app for monitoring your AirPods on Android

AI Summary: openSquat is an open-source intelligence (OSINT) tool designed to identify cyber squatting threats against brands or domains. It leverages advanced detection techniques, such as similarity detection using the Levenshtein distance algorithm, and integrates with services like VirusTotal for domain reputation checks. Key features include daily updates on newly registered domains, DNS validation, and multiple output formats, enhancing its utility for security professionals monitoring potential domain-related threats.

README

AI Summary: Open ‘Tendo is an open-source hardware project that recreates the original 1985 Front-Loading NES motherboard, focusing on documentation and preservation through reverse engineering. The repository provides comprehensive design files, including a bill of materials, schematics, and PCB layouts in KiCad format, while intentionally excluding modern video output improvements like RGB or HDMI. Users are encouraged to utilize the designs for personal projects, manufacturing replacement boards, or for further custom PCB work.

AI Summary: OpenWifiPass is an open-source implementation of the grantor role in Apple’s Wi-Fi Password Sharing protocol, designed for sharing Wi-Fi credentials (SSID and PSK) using Bluetooth Low Energy on Linux systems like the Raspberry Pi. It serves educational and experimental purposes, featuring a simple command-line interface to initiate the sharing process, although it currently lacks identity verification for requestors, posing security risks when handling sensitive credentials. Notably, the project includes a reusable OPACK (de)serializer for handling packet data, emphasizing its experimental nature and community-driven development.

AI Summary: Operative Framework is a digital investigation tool designed for interacting with multiple targets, executing a variety of modules, and managing links with these targets. Its notable features include the ability to export reports in PDF format, support for crafting custom modules, and a RESTful API for integration, all underpinned by a redesigned architecture in Rust for enhanced performance and functionality.

README

operative framework is a digital investigation framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.

AI Summary: The OSCE³ and OSEE Study Guide provides comprehensive resources for mastering web security concepts and techniques relevant to the Offensive Security Certified Expert (OSCE) and Offensive Security Exploitation Expert (OSEE) certifications. Its primary use case is to aid cybersecurity professionals in studying various attack vectors and methodologies, including but not limited to SQL injections, cross-site scripting, and remote code execution. Notable features include an extensive list of reference materials, as well as detailed discussions of numerous vulnerabilities and exploitation strategies.

AI Summary: The OSCP Cheat Sheet repository provides a comprehensive collection of essential commands and techniques specifically tailored for the Offensive Security Certified Professional (OSCP) exam. It includes updates on advanced exploitation methods such as Active Directory Certificate Services abuse and Shadow Credentials attacks, alongside practical resources for information gathering, vulnerability analysis, and exploitation strategies. The tool aims to assist users in navigating the exam requirements while emphasizing the importance of adhering to current exam guidelines.

AI Summary: The OSCP repository contains a collection of scripts and tools designed to assist in penetration testing and privilege escalation, particularly for the OSCP exam. Notable features include custom scripts for Linux privilege checks, port knocking, cron job analysis, and a comprehensive Windows privilege escalation check, along with a SQL injection cheatsheet for manual exploitation techniques. This repository is aimed at providing streamlined and efficient tools for security practitioners during their testing processes.

AI Summary: The OSCP Exam Report Template provides structured templates for documenting OSCP Lab and Exam reports, designed to reduce the anxiety associated with report writing. Notable features include a detailed Table of Contents, machine-specific sections with links for easy navigation, and additional headers for crucial elements such as scan results and proof documentation. The template facilitates a comprehensive and organized representation of a penetration testing process following the OSCP guidelines.

AI Summary: The OSCP Exam Report Template in Markdown is designed to streamline the report writing process for Offensive Security exams, eliminating the need for traditional word processors like LaTeX and Microsoft Word. It allows users to write reports in Markdown, which enhances efficiency, reduces formatting issues, and integrates version control capabilities. Notable features include a script for automatic report generation, support for various text editors, and a clean, professional layout for certification documentation.

AI Summary: The OSCP-Human-Guide is a personal guide tailored for preparing for the Offensive Security Certified Professional (OSCP) exam, featuring a collection of resources, strategies, and mock exam frameworks. Its primary use case is to assist aspiring penetration testers in navigating lab environments and exam simulations effectively. Notable features include detailed walkthroughs of lab machines, advice on exam preparation, and a CherryTree template for organization of findings.

README

OSCP-Human-Guide

Edit I’m currently moving all the OSCP stuff and other things to my “pentest-book”. This repository will not have more updates. Sorry for the inconvenience.

AI Summary: OSCP Tricks is a comprehensive resource designed to assist penetration testers preparing for the Offensive Security Certified Professional (OSCP) exam. It encompasses various techniques across critical areas such as information gathering, web application attacks, privilege escalation on both Linux and Windows systems, and more, supplemented with external links to useful tutorials and methodologies. Notable features include categorized attack vectors, detailed enumeration guides, and checklists to streamline the penetration testing process.

AI Summary: OSI.IG is an open-source tool designed for conducting Open Source Intelligence (OSINT) on Instagram accounts by retrieving detailed user information, including profile data, hashtags, mentions, and post metadata. Notable features include the ability to extract user ID, follower counts, and engagement metrics, as well as accessing post details, although it currently struggles with posts marked as sensitive content. The tool aims to work without login credentials, providing a streamlined method for information gathering on Instagram profiles.

AI Summary: OSINT Brazuca is a comprehensive repository designed to aggregate open-source intelligence (OSINT) resources specifically relevant to Brazil. Its primary use case is to facilitate the gathering and analysis of publicly available information from various websites and portals, enhancing research and investigative efforts in fields like journalism and cybersecurity. Notable features include a structured collection of sources, adherence to legal guidelines such as the Brazilian General Data Protection Law (LGPD), and best practice recommendations for ethical information use.