Education

MiniCPS is a framework for real-time Cyber-Physical Systems simulation that supports physical process and control device simulation along with network emulation capabilities.

OWASP WrongSecrets is an educational game that teaches proper secrets management by demonstrating common mistakes through interactive challenges across various deployment platforms.

Mellivora Mellivora is a PHP-based CTF engine that provides comprehensive competition hosting capabilities with challenge management, team scoring, and administrative tools for cybersecurity competitions.

A utility that attempts to decrypt data from weak RSA public keys and recover private keys using multiple integer factorization algorithms.

A collection of mobile security resources with tools, white papers, ebooks, and webinars.

A community-driven informational repository providing resources and guidance for hunting adversaries in IT environments.

A collection of CTF writeups from various competitions including picoCTF, GLUG, TUCTF, and HackTheBox challenges, providing detailed solutions and explanations for cybersecurity competition problems.

XVWA is an intentionally vulnerable PHP/MySQL web application designed for security education, containing multiple common web vulnerabilities for hands-on learning and practice.

SecGen is an open-source framework that automatically generates vulnerable virtual machines and hacking challenges for cybersecurity education and penetration testing training.

An educational project that teaches data analysis techniques for cybersecurity applications using Python tools like IPython, Pandas, and Scikit Learn through practical exercises and realistic scenarios.

A collection of vulnerable ARM binaries designed for educational exploit development and vulnerability research practice across different architectures and exploitation techniques.

A modular, cross-platform framework for creating repeatable, time-delayed security events and scenarios for Blue Team training and Red Team operations.

An open-source introductory book about cryptography that provides educational content on fundamental cryptographic concepts and principles.

A Python-based network hacking toolkit that implements various attack and reconnaissance techniques for educational purposes and network security learning.

A deliberately vulnerable ARM/ARM64 application with 14 different vulnerability levels designed for CTF-style exploitation training and education.

A distributed systems simulator that creates intentionally vulnerable Kubernetes clusters in AWS for security training and attack scenario practice.

A community-maintained archive of CTF write-ups and source files from cybersecurity competitions held in 2013.

A collection of command reference cheatsheets for penetration testing tools and security utilities, designed to help security professionals quickly recall important but infrequently used commands.

A Terraform tool that creates intentionally misconfigured AWS infrastructure with 84 vulnerabilities across 22 services for security training and testing purposes.

FBCTF is a platform for hosting Jeopardy and King of the Hill style Capture the Flag competitions with support for various scales and participation models.

Educational repository containing RPISEC's course materials for teaching modern binary exploitation, vulnerability research, and reverse engineering at Rensselaer Polytechnic Institute.

A collection of CTF challenge write-ups and solutions from the SababaSec cybersecurity team covering competitions from 2019 to 2022.

BlueTeam.Lab provides Terraform and Ansible scripts to deploy an orchestrated detection laboratory for testing attacks and forensic artifacts in a SOC-like Windows environment.

AHHHZURE is an automated deployment script that creates vulnerable Azure cloud lab environments for offensive security training and cloud penetration testing practice.