Pinned Repositories
API-SecurityEmpire
API Security Projecto aims to present unique attack & defense methods in API Security field
awesome-azure-architecture
AWESOME-Azure-Architecture
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
Awesome-Red-Team-Operations
awesome-vehicle-security
🚗 A curated list of resources for learning about vehicle security and car hacking.
bbht
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
ClassNotFound
IDS
Snake
BAC1 programming project in python3
Warrior-sGame
BilalAazzani's Repositories
BilalAazzani/API-SecurityEmpire
API Security Projecto aims to present unique attack & defense methods in API Security field
BilalAazzani/awesome-azure-architecture
AWESOME-Azure-Architecture
BilalAazzani/bbht
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
BilalAazzani/ClassNotFound
BilalAazzani/BlackDex
BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.
BilalAazzani/can-utils
Linux-CAN / SocketCAN user space applications
BilalAazzani/catalyst
Catalyst is a SOAR system that helps to automate alert handling and incident response processes
BilalAazzani/cloud-security-remediation-guides
Security Remediation Guides
BilalAazzani/container-security-checklist
Checklist for container security - devsecops practices
BilalAazzani/cve
Gather and update all available and newest CVEs with their PoC.
BilalAazzani/CyberThreatHunting
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
BilalAazzani/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
BilalAazzani/dapptools
Dapp, Seth, Hevm, and more
BilalAazzani/ethereumbook
Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood
BilalAazzani/LFIDump
A simple python script to dump remote files through a local file read or local file inclusion web vulnerability.
BilalAazzani/mariana-trench
Our security focused static analysis tool for Android and Java applications.
BilalAazzani/MicroBurst
A collection of scripts for assessing Microsoft Azure security
BilalAazzani/msticpy
Microsoft Threat Intelligence Security Tools
BilalAazzani/MustLearnKQL
Code included as part of the MustLearnKQL blog series
BilalAazzani/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
BilalAazzani/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
BilalAazzani/password_cracking_rules
One rule to crack all passwords. or atleast we hope so.
BilalAazzani/pwntools-tutorial
Tutorials for getting started with Pwntools
BilalAazzani/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
BilalAazzani/RedTeam-Resources
BilalAazzani/rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
BilalAazzani/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
BilalAazzani/SOC-OpenSource
This is a Project Designed for Security Analysts and all SOC audiences who wants to play with implementation and explore the Modern SOC architecture.
BilalAazzani/sshuttle
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
BilalAazzani/SysmonSimulator
Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.