CiCiNL's Stars
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
owasp-amass/amass
In-depth attack surface mapping and asset discovery
juice-shop/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
soxoj/maigret
🕵️♂️ Collect a dossier on a person by username from thousands of sites
BloodHoundAD/BloodHound
Six Degrees of Domain Admin
offensive-security/exploitdb
The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
weaveworks/scope
Monitoring, visualisation & management for Docker & Kubernetes
astrada/google-drive-ocamlfuse
FUSE filesystem over Google Drive
0x4D31/awesome-threat-detection
✨ A curated list of awesome threat detection and hunting resources 🕵️♂️
NCSC-NL/log4shell
Operational information regarding the log4shell vulnerabilities in the Log4j logging library.
dolevf/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
OWASP/wrongsecrets
Vulnerable app with examples showing how to not use secrets
OWASP/crAPI
completely ridiculous API (crAPI)
erev0s/VAmPI
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
snoopysecurity/dvws-node
Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities.
vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
op7ic/EDR-Testing-Script
Test the accuracy of Endpoint Detection and Response (EDR) software with simple script which executes various ATT&CK/LOLBAS/Invoke-CradleCrafter/Invoke-DOSfuscation payloads
DevSlop/Pixi
The Pixi module is a MEAN Stack web app with wildly insecure APIs!
ivision-research/vulnerable-graphql-api
A very vulnerable implementation of a GraphQL API.
ne0z/DamnVulnerableMicroServices
This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)
tkisason/vulnapi
Intentionaly very vulnerable API with bonus bad coding practices
vectranetworks/vectra_api_tools
Community driven python library, scripts, and other utilities for interacting with the Vectra API
tesorion/TCERT-Cumulonimbus-UAL_Extractor
Cumulonimbus-UAL_Extractor is a PowerShell based tool created by the Tesorion CERT team to help gather the Unified Audit Logging out of a Microsoft 365 environment.
layro01/node-api-goat
A simple Node.js Express REST app with some OWASP vulnerabilities.
tesorion/TCERT-Tesorion_Vulnerability_Explorer
forensic-security/cybereason
Async Cybereason API client
jfmatth/DjangoOnKubernetes
Putting a basic Django application on Kubernetes via Helm
guardicode/centra-py-client
A Python client for Guardicore Centra API access.
filipi86/awesome-python
A curated list of awesome Python frameworks, libraries, software and resources
psmiraglia/python-cybereason
Command line interface to interact with Cybereason via API