Kastebo's Stars
prowler-cloud/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
Nekmo/dirhunt
Find web directories without bruteforce
gquere/pwn_jenkins
Notes about attacking Jenkins servers
google/ssl_logger
Decrypts and logs a process's SSL traffic.
linkedin/qark
Tool to look for several security related Android application vulnerabilities
cfenollosa/os-tutorial
How to create an OS from scratch
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
nccgroup/umap
The USB host security assessment tool
michenriksen/aquatone
A Tool for Domain Flyovers
commonexploits/vlan-hopping
Easy 802.1Q VLAN Hopping
trimstray/otseca
Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
shieldfy/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
s0md3v/XSStrike
Most advanced XSS scanner.
sbilly/awesome-security
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
wtfutil/wtf
The personal information dashboard for your terminal
SUPERAndroidAnalyzer/super
Secure, Unified, Powerful and Extensible Rust Android Analyzer
codecrafters-io/build-your-own-x
Master programming by recreating your favorite technologies from scratch.
bettercap/bettercap
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
0x00-0x00/ShellPop
Pop shells like a master.
guardicore/monkey
Infection Monkey - An open-source adversary emulation platform
flipkart-incubator/Astra
Automated Security Testing For REST API's
brompwnie/uitkyk
Runtime memory analysis framework to identify Android malware
frida/frida
Clone this repo to build Frida
ITAYC0HEN/A-journey-into-Radare2
A series of tutorials about radare2 framework from https://www.megabeets.net
mhelwig/apk-anal
Android APK analyzer based on radare2 and others.
logicalhacking/DVHMA
Damn Vulnerable Hybrid Mobile App (DVHMA) is an hybrid mobile app (for Android) that intentionally contains vulnerabilities.
wurstbrot/docker-security-workshop
Docker Security Workshop
Hacker0x01/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
devoteam-cybertrust/droidstatx
Python tool that generates an Xmind map with all the information gathered and any evidence of possible vulnerabilities identified via static analysis. The map itself is an Android Application Pentesting Methodology component, which assists Pentesters to cover all important areas during an assessment.
IFGHou/wapiti
A web-application vulnerability scanner