0xEval

0xEval's Stars

• ethereumbook/ethereumbook

  Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood

  Language:JavaScript20.1k5852165k

• gitleaks/gitleaks

  Find secrets with Gitleaks 🔑

  Language:Go18.2k1627941.5k

• projectdiscovery/katana

  A next-generation crawling and spidering framework.

  Language:Go12.8k92296663

• Orange-Cyberdefense/GOAD

  game of active directory

  Language:PowerShell5.7k77240790

• SunWeb3Sec/DeFiHackLabs

  Reproduce DeFi hacked incidents using Foundry.

  Language:Solidity5.4k137391.2k

• RhinoSecurityLabs/pacu

  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

  Language:Python4.4k110133707

• vavkamil/awesome-bugbounty-tools

  A curated list of various bug bounty tools

  4.4k9915709

• christophetd/CloudFlair

  🔎 Find origin servers of websites behind CloudFlare by using Internet-wide scan data from Censys.

  Language:Python2.6k6063364

• dafthack/CloudPentestCheatsheets

  This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

  2.6k1021517

• NetSPI/MicroBurst

  A collection of scripts for assessing Microsoft Azure security

  Language:PowerShell2.1k5922314

• Hacking-the-Cloud/hackingthe.cloud

  An encyclopedia for offensive and defensive security knowledge in cloud native technologies.

  Language:Dockerfile1.8k4589218

• ine-labs/AWSGoat

  AWSGoat : A Damn Vulnerable AWS Infrastructure

  Language:PHP1.8k36291.2k

• SunWeb3Sec/DeFiVulnLabs

  To learn common smart contract vulnerabilities using Foundry!

  Language:Solidity1.7k3210288

• metlo-labs/metlo

  Metlo is an open-source API security platform.

  Language:TypeScript1.6k153292

• PentestPad/subzy

  Subdomain takeover vulnerability checker

  Language:Go1.1k2237159

• nascentxyz/simple-security-toolkit

  A collection of practical security-focused guides and checklists for smart contract development

  1.1k151146

• BishopFox/eyeballer

  Convolutional neural network for analyzing pentest screenshots

  Language:Python1.1k3148126

• nccgroup/singularity

  A DNS rebinding attack framework.

  Language:JavaScript1k3335143

• 0xacb/recollapse

  REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applications

  Language:Python96215199

• muraenateam/muraena

  Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.

  Language:Go9424281174

• dafthack/MSOLSpray

  A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

  Language:PowerShell922233172

• crytic/ethersplay

  EVM dissassembler

  Language:Python8463932119

• ine-labs/AzureGoat

  AzureGoat : A Damn Vulnerable Azure Infrastructure

  Language:Python8051111186

• NUL0x4C/AtomPePacker

  A Highly capable Pe Packer

  Language:C6872115118

• trailofbits/eth-security-toolbox

  A Docker container preconfigured with all of the Trail of Bits Ethereum security tools.

  Language:Dockerfile6772828108

• iknowjason/PurpleCloud

  A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

  Language:Python539252495

• spearbit/portfolio

  51625050

• PatrickAlphaC/hardhat-security-fcc

  Language:Solidity41262148

• MarkoH17/Spray365

  Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.

  Language:Python3458957

• oldrho/ip2provider

  Resolves an IP address to the cloud provider it is hosted on

  Language:Python921617