FixYourFace's Stars
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks
GoogleChromeLabs/ProjectVisBug
FireBug for designers › Edit any webpage, in any state https://a.nerdy.dev/gimme-visbug
CalebFenton/simplify
Android virtual machine and deobfuscator
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
almandin/fuxploider
File upload vulnerability scanner and exploitation tool.
m0bilesecurity/RMS-Runtime-Mobile-Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
tunz/js-vuln-db
A collection of JavaScript engine CVEs with PoCs
tomnomnom/hacks
A collection of hacks and one-off scripts
nahamsec/lazyrecon
This script is intended to automate your reconnaissance process in an organized fashion
wagiro/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
B3nac/Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
google/firing-range
ustayready/CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
andresriancho/enumerate-iam
Enumerate the permissions associated with AWS credential set
nettitude/xss_payloads
Exploitation for XSS
mthbernardes/GTRS
GTRS - Google Translator Reverse Shell
nccgroup/freddy
Automatically identify deserialisation issues in Java and .NET applications by using active and passive scans
trustedsec/physical-docs
This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselves when conducting physical security assessments.
pownjs/recon
A powerful target reconnaissance framework powered by graph theory.
0xdekster/ReconNote
Web Application Security Automation Framework which recons the target for various assets to maximize the attack surface for security professionals & bug-hunters
Static-Flow/BurpSuite-Team-Extension
This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes through your Burpsuite instance will be replicated in the history of the other testers and vice-versa!
googleprojectzero/Street-Party
Street Party is a suite of tools that allows the RTP streams of video conferencing implementations to be viewed and modified.
enovella/r2frida-wiki
This repo aims at providing practical examples on how to use r2frida
Regala/burp-scope-monitor
Burp Suite Extension to monitor new scope
allyomalley/dnsobserver
A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack.
BSidesSF/ctf-2019-release
BSidesSF CTF 2019 release
jakeajames/Reverse-Engineering
nothing important
OJ/police-quest
Binary exploitation CTF challenge
chmodxx/BlackHoodie2018