Pinned Repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
eko15
Material utilizado en el Workshop de Red Teaming en el 2019 para la edicion 15 de la Eko
ekoparty2015
Material utilizado en los Workshops de Ekoparty 2015
h8mail
Email OSINT and password breach hunting. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous Breached Compilation torrent
LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
Open-SecTraining
Scripts usados en los entrenamientos de Open-Sec - Publicos y modificados o creados por el Core Team de Open-Sec.
OSEH
Open-Sec Ethical Hacker
Pentesting
RedTeaming
Open-Sec's Repositories
Open-Sec/RedTeaming
Open-Sec/Open-SecTraining
Scripts usados en los entrenamientos de Open-Sec - Publicos y modificados o creados por el Core Team de Open-Sec.
Open-Sec/Pentesting
Open-Sec/OSAH
Open-Sec Application Hacker
Open-Sec/RTOOS
Red Team Operator by Open-Sec
Open-Sec/Argon
Open-Sec/BSidesTampa2021
Open-Sec/BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
Open-Sec/burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Open-Sec/capa
The FLARE team's open-source tool to identify capabilities in executable files.
Open-Sec/cf-bypass
Open-Sec/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
Open-Sec/conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
Open-Sec/dalfox
🌘🦊 DalFox(Finder Of XSS) / Parameter Analysis and XSS Scanning tool based on golang
Open-Sec/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Open-Sec/degoogle
search Google and extract results directly. skip all the click-through links and other sketchiness
Open-Sec/gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
Open-Sec/iKy
OSINT Project
Open-Sec/impacket
Impacket is a collection of Python classes for working with network protocols.
Open-Sec/Invoke-PSObfuscation
An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
Open-Sec/jaeles
The Swiss Army knife for automated Web Application Testing
Open-Sec/leaks
Open-Sec/Mythic
A collaborative, multi-platform, red teaming framework
Open-Sec/NotSoCereal-Lab
NotSoCereal: A Deserialization exploit playground
Open-Sec/ntlm_theft
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
Open-Sec/nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
Open-Sec/p1
Open-Sec/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Open-Sec/Publico
Repositorio Público
Open-Sec/TradecraftDevelopment-Fundamentals
Tradecraft Development Fundamentals