Pinned Repositories
90DaysOfDevOps
This repository is my documenting repository for learning the world of DevOps. I started this journey on the 1st January 2022 and I plan to run to March 31st for a complete 90-day romp on spending an hour a day including weekends to get a foundational knowledge across a lot of different areas that make up DevOps.
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
AORT
All in One Recon Tool for Bug Bounty
apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
awesome-web-hacking
A list of web application security
awesome-web-security
🐶 A curated list of Web Security materials and resources.
AyoubNajim.github.io
AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
AzureGraph
Azure AD enumeration over MS Graph
AyoubNajim's Repositories
AyoubNajim/apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
AyoubNajim/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
AyoubNajim/awesome-web-security
🐶 A curated list of Web Security materials and resources.
AyoubNajim/AyoubNajim.github.io
AyoubNajim/AzureGraph
Azure AD enumeration over MS Graph
AyoubNajim/crAPI
completely ridiculous API (crAPI)
AyoubNajim/DefectDojo
DefectDojo is a DevSecOps and vulnerability management tool.
AyoubNajim/Demo-WebGoat
AyoubNajim/devsecopsguides.github.io
DevSecOpsGuides
AyoubNajim/Galaxy-Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
AyoubNajim/ICS-Security-Tools
Tools, tips, tricks, and more for exploring ICS Security.
AyoubNajim/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
AyoubNajim/Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
AyoubNajim/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
AyoubNajim/malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
AyoubNajim/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
AyoubNajim/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
AyoubNajim/PortSwigger-Academy-CheatSheets
This repository contains cheatsheets and payloads compiled from completing the labs at PortSwigger Academy.
AyoubNajim/QuadraInspect
QuadraInspect is an Android framework that integrates AndroPass, APKUtil, and MobFS, providing a powerful tool for analyzing the security of Android applications.
AyoubNajim/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
AyoubNajim/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
AyoubNajim/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
AyoubNajim/taurus
Automation-friendly framework for Continuous Testing by
AyoubNajim/ThreatHound
AyoubNajim/vulnado
Purposely vulnerable Java application to help lead secure coding workshops
AyoubNajim/Web-Security-Academy-Series
AyoubNajim/WebGoat-Docker
AyoubNajim/WebGoat-WhiteSource-Bolt
AyoubNajim/xss_payload
AyoubNajim/xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.