0xEval's Stars
caddyserver/caddy
Fast and extensible multi-platform HTTP/1-2-3 web server with automatic HTTPS
hashicorp/vault
A tool for secrets management, encryption as a service, and privileged access management
antonmedv/fx
Terminal JSON viewer & processor
FiloSottile/age
A simple, modern and secure encryption tool (and Go library) with small explicit keys, no config options, and UNIX-style composability.
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
getsops/sops
Simple and flexible tool for managing secrets
RustScan/RustScan
🤖 The Modern Port Scanner 🤖
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
mixn/carbon-now-cli
🎨 Beautiful images of your code — from right inside your terminal.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
Yelp/detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
projectdiscovery/uncover
Quickly discover exposed hosts on the internet using multiple search engines.
crytic/building-secure-contracts
Guidelines and training material to write secure smart contracts
crytic/not-so-smart-contracts
Examples of Solidity security issues
stevenvachon/broken-link-checker
Find broken links, missing images, etc within your HTML.
Sh1Yo/x8
Hidden parameters discovery suite
GitGuardian/ggshield
Find and fix 400+ types of hardcoded secrets and 70+ types of infrastructure-as-code misconfigurations.
trimstray/linux-hardening-checklist
Simple checklist to help you deploy the most important areas of the GNU/Linux production systems - work in progress.
pcaversaccio/reentrancy-attacks
A chronological and (hopefully) complete list of reentrancy attacks to date.
mike-engel/jwt-cli
A super fast CLI tool to decode and encode JWTs built in Rust
NH-RED-TEAM/RustHound
Active Directory data ingestor for BloodHound Legacy written in Rust. 🦀
arget13/DDexec
A technique to run binaries filelessly and stealthily on Linux by "overwriting" the shell's process with another.
allanlw/svg-cheatsheet
A cheatsheet for exploiting server-side SVG processors.
security-prince/Application-Security-Engineer-Interview-Questions
Some of the questions which I was asked when I was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but I felt these questions were important to be asked and some were challenging to answer.
the-xentropy/samlists
Free, libre, effective, and data-driven wordlists for all!
gl4ssesbo1/Nebula
Nebula is a cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.
epi052/feroxfuzz
A structure-aware HTTP fuzzing library
GitGuardian/ggcanary
GitGuardian Canary Tokens
sslivkoff/toolcli