0xEval's Stars
helix-editor/helix
A post-modern modal text editor.
AykutSarac/jsoncrack.com
✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.
squidfunk/mkdocs-material
Documentation that simply works
jarun/nnn
n³ The unorthodox terminal file manager
prowler-cloud/prowler
Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
duo-labs/cloudmapper
CloudMapper helps you analyze your Amazon Web Services (AWS) environments.
CaiJimmy/hugo-theme-stack
Card-style Hugo theme designed for bloggers
t3l3machus/Villain
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
gragland/chatgpt-chrome-extension
A ChatGPT Chrome extension. Integrates ChatGPT into every text box on the internet.
sa7mon/S3Scanner
Scan for misconfigured S3 buckets across S3-compatible APIs!
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
dirkjanm/ROADtools
A collection of Azure AD/Entra tools for offensive and defensive security purposes
initstring/cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
Azure/Stormspotter
Azure Red Team tool for graphing Azure and Azure Active Directory objects
nccgroup/PMapper
A tool for quickly evaluating IAM permissions in AWS.
mazen160/secrets-patterns-db
Secrets Patterns DB: The largest open-source Database for detecting secrets, API keys, passwords, tokens, and more.
tihanyin/PSSW100AVB
A list of useful Powershell scripts with 100% AV bypass (At the time of publication).
cyberark/SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
arddluma/awesome-list-rpc-nodes-providers
A curated list of awesome Node providers and public RPC endpoints for Ethereum, BSC, Gnosis (xDAI), Fantom, Avalanche, KuCoin, Fuse, Harmony, Tezos, IoTeX, Arbitrum, Optimism and more :)
carnal0wnage/weirdAAL
WeirdAAL (AWS Attack Library)
projectdiscovery/chaos-client
Go client to communicate with Chaos DB API.
rvrsh3ll/TokenTactics
Azure JWT Token Manipulation Toolset
BloodHoundAD/AzureHound
Azure Data Exporter for BloodHound
trustedsec/orpheus
Bypassing Kerberoast Detections with Modified KDC Options and Encryption Types
ine-labs/GCPGoat
GCPGoat : A Damn Vulnerable GCP Infrastructure
RhinoSecurityLabs/GCP-IAM-Privilege-Escalation
A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
assetnote/ghostbuster
Eliminate dangling elastic IPs by performing analysis on your resources within all your AWS accounts.
NetSPI/aws_consoler
A utility to convert your AWS CLI credentials into AWS console access.
0xd4y/AWSealion
A tool to keep AWS pentests and red teams efficient, organized, and stealthy.
Static-Flow/BOR
BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor with only one click!