Pinned Repositories
ASVS
Application Security Verification Standard
awesome-controls
A collection of awesome security controls mapping for solutions across frameworks.
awesome-lists
Awesome Security lists for SOC/CERT/CTI
Awesome-Red-Team-Operations
Awesome-Red-Teaming
List of Awesome Red Teaming Resources
awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
books
o armazém de livros
c-jwt-cracker
JWT brute force cracker written in C
presentations
Some presentations i've made so far.
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
LelioCosta's Repositories
LelioCosta/presentations
Some presentations i've made so far.
LelioCosta/ASVS
Application Security Verification Standard
LelioCosta/awesome-lists
Awesome Security lists for SOC/CERT/CTI
LelioCosta/awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
LelioCosta/books
o armazém de livros
LelioCosta/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
LelioCosta/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
LelioCosta/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
LelioCosta/giskard
🐢 Open-Source Evaluation & Testing for LLMs and ML models
LelioCosta/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
LelioCosta/delta-sharing
An open protocol for secure data sharing
LelioCosta/Exploit.in-EmailSearch
This program will parse through the Exploit.in database dump and return the specific E-mail addresses and passwords that you are looking for.
LelioCosta/hoppscotch
Open source API development ecosystem - https://hoppscotch.io (open-source alternative to Postman, Insomnia)
LelioCosta/metasploitable3
Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
LelioCosta/mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
LelioCosta/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
LelioCosta/offsec-tools
Compiled tools for internal assessments
LelioCosta/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
LelioCosta/OWASPtop10API-mitiga-es
LelioCosta/pentestkit
OWASP PTK - application security browser extension.
LelioCosta/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
LelioCosta/pwntools
CTF framework and exploit development library
LelioCosta/PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
LelioCosta/Red-Team-Tools
Repo containing cracked red teaming tools.
LelioCosta/Sandman
Sandman is a NTP based backdoor for red team engagements in hardened networks.
LelioCosta/thc-hydra
hydra
LelioCosta/theHarvester
E-mails, subdomains and names Harvester - OSINT
LelioCosta/tls-scan
An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
LelioCosta/Top10
Official OWASP Top 10 Document Repository
LelioCosta/web-check
🕵️♂️ All-in-one OSINT tool for analysing any website