Pinned Repositories
amass
In-depth attack surface mapping and asset discovery
API-Security
OWASP API Security Project
apkleaks
Scanning APK file for URIs, endpoints & secrets.
ASVS
Application Security Verification Standard
awesome-controls
A collection of awesome security controls mapping for solutions across frameworks.
awesome-ethical-hacking-resources
😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
Awesome-Hacking-Resources-tools
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
presentations
Some presentations i've made so far.
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
LelioCosta's Repositories
LelioCosta/ASVS
Application Security Verification Standard
LelioCosta/pentestkit
OWASP PTK - application security browser extension.
LelioCosta/books
o armazém de livros
LelioCosta/Exploit.in-EmailSearch
This program will parse through the Exploit.in database dump and return the specific E-mail addresses and passwords that you are looking for.
LelioCosta/awesome-ethical-hacking-resources
😎 🔗 Awesome list about all kinds of resources for learning Ethical Hacking and Penetration Testing.
LelioCosta/awesome-lists
Awesome Security lists for SOC/CERT/CTI
LelioCosta/Awesome-Google-Dorks
A collection of Awesome Google Dorks.
LelioCosta/metasploitable3
Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.
LelioCosta/pwntools
CTF framework and exploit development library
LelioCosta/mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
LelioCosta/hoppscotch
Open source API development ecosystem - https://hoppscotch.io (open-source alternative to Postman, Insomnia)
LelioCosta/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
LelioCosta/theHarvester
E-mails, subdomains and names Harvester - OSINT
LelioCosta/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
LelioCosta/PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
LelioCosta/giskard
🐢 Open-Source Evaluation & Testing for LLMs and ML models
LelioCosta/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
LelioCosta/offsec-tools
Compiled tools for internal assessments
LelioCosta/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
LelioCosta/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
LelioCosta/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
LelioCosta/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
LelioCosta/fiap
Aplicações para os cursos de pós-graduação da FIAP
LelioCosta/presentations
Some presentations i've made so far.
LelioCosta/awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
LelioCosta/Top10
Official OWASP Top 10 Document Repository
LelioCosta/Red-Team-Tools
Repo containing cracked red teaming tools.
LelioCosta/tls-scan
An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
LelioCosta/ctfdump
ctf solutions
LelioCosta/Sandman
Sandman is a NTP based backdoor for red team engagements in hardened networks.