San Francisco Bay Area

Daniel Miessler 🛡️

Elite
@danielmiessler

⚒️ Building AI that ᴜᴘɢʀᴀᴅᴇs humans.

SecLists. SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

72k

Fabric. Fabric is an open-source framework for augmenting humans using AI. It provides a modular system for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.

43k

LifeOS. An General Purpose AI Harness for magnifying human capabilities. [CODING, BUILDING, CREATING, BUSINESS, LIFE, WORK, ...]

17k

RobotsDisallowed. A curated list of the most common and most interesting robots.txt disallowed directories.

1.5k

Telos. Telos is an open-sourced framework for creating Deep Context about things that matter to humans.

1.5k

Substrate. An Open-source Framework for Human Understanding, Meaning, and Progress.

867

Daemon. An open-source personal API framework.

219

blackhat-arsenal-tools. Official Black Hat Arsenal Security Tools Repository

164

Source2URL. Parse source code directories and output list of URLs that are then sent through a proxy.

163

vim. My Vim configuration.

156

ExtractWisdom. An AI prompt project that uses AI to extract wisdom from all sorts of text, from podcast transcripts, conversations, talks, lectures, papers, articles, blog posts, essays, presentations, or whatever you can get into text form.

149

Caparser. A quick and dirty PCAP parser that helps you identify who your applications are sending sensitive data to without encryption.

121

yt. The yt command stands for YouTube Transcript, and pulls transcripts from YouTube.

117

HoneyCredIPTracker. Quick script to gather stats on incoming credentials and IPs for a honey listener.

112

nginx. My Nginx configuration files, for all to use and improve upon.

111

egression. Test a network's egress controls with various levels of success and failure.

106

SecurityTools. A repo for collecting and organizing security tools of various types. As new ones come out, they get added to the list.

104

iptables. An iptables firewall configuration template.

80

DNSHarvester. This tool will harvest valid DNS subdomains from a given domain.

77

BugOutBag. BugOutBag

68

athi. ATHI — An AI Threat Modeling Framework for Policymakers

65

TechStack. This project exists as a free (and transparent) alternative to paid services that show you what technologies are running on a given website.

59

CTFSolutionTypes. A collection of CTF solution types, i.e. not solutions to specific CTF challenges, but the general categories that those solutions fall under. Includes CTF solution categories for web, binary, network, crypto, and others. Please contribute!

57

GeoHarvest. A simple script for translating IP addresses to GeoLocations

54

ATM. The Adaptive Security Testing Methodology (ASTM) provides context-adjusted testing methodologies based on factors such as time available to test, platform, technology stack, versions, plugins, modules, and other variables.

50

augmented-course. The website for the AUGMENTED AI course.

47

VimBlog. A Vim plugin for managing a Wordpress blog.

45

geoip. A Ruby script that takes in IPs and returns Country, State, and City

42

mobiletools. Free tools for mobile testing.

41

Frames. An open-source collection of positive and negative mental frames.

39

Books. A list of the books that I am reading, with priorities.

37

tmux. My tmux stuff

37

neovim. My Neovim settings

35

unsupervised-learning.

34

Self. A tracking system for everything me, e.g.: beliefs, passions, must-haves, must-dos, favorite movies, favorite quotes, favorite aphorisms, etc.

32

hostfind. Does a dictionary lookup on common, valuable hostnames for a given domain.

26

ServerConfig. My various configuration files for zsh, vim, tmux, etc.

26

threshold-site. The website for the Threshold.

24

top-domains. A repository for maintaining a list of the top domains based on multiple lists

24

mst. A meta-scan tool used to kick off a number of command-line security tools during VA/PT work.

23

GitHubRating. A composite score for one's GitHub quality.

22

CertExpirationCheck. Checks to see when the cert for a given domain expires.

20

import-alignment. A library-based attempt to increase our chances for achieving AI Alignment with an emergent AGI.

20

NewBox. Zsh and Vim on new Linux boxen.

19

Personal. A repository for personal tracking.

19

gscour. Find all hostnames related to a given domain. Helpful during VA/PT work.

17

GetTweets. Get a number of your tweets from the Twitter API.

15

.dotfiles. Dotfiles for nvim, oh-my-zsh, and other stuff…

12

MostPoweredBy. Checks to see the most common X-Powered-By headers for the world's most popular websites.

9

owasp-summit-2017. Content for OWASP Summit 2017 site

9

WorkDay. An ideal (regular) work day.

7

Dicematch. Determines how many times a given number of dice match each other.

6

Intimate. INTIMATE -- The audience management platform.

5

CaliforniaAirQuality. Get the air quality for your area from California's AIrNow website using Ruby and Nokogiri.

5

diceroll. A dice-rolling application for rolling any number of six-side dice any number of times.

3

BandShuffle. Shuffle some bands, yo.

2

mhp. A proof-by-simulation of the Monty Hall problem [Python]

1
57
Apply