Rets66
Security Solution Architect, sometimes Researcher. Now my interests are #DevSecOps #Cloud #Kubernetes
Tokyo,Japan
Rets66's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
nektos/act
Run your GitHub Actions locally 🚀
opentofu/opentofu
OpenTofu lets you declaratively manage your cloud infrastructure.
ffuf/ffuf
Fast web fuzzer written in Go
maurosoria/dirsearch
Web path scanner
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
xmendez/wfuzz
Web application fuzzer
DominicBreuker/pspy
Monitor linux processes without root permissions
GhostPack/Rubeus
Trying to tame the three-headed dog.
assetnote/kiterunner
Contextual Content Discovery Tool
aws-actions/configure-aws-credentials
Configure AWS credential environment variables for use in other GitHub Actions.
bigb0sss/RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
skills/secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
mozilla/cipherscan
A very simple way to find out which SSL ciphersuites are supported by a target.
sysdream/ligolo
Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
doyensec/inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
dolevf/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
iknowjason/Awesome-CloudSec-Labs
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
pushsecurity/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
roottusk/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
nccgroup/singularity
A DNS rebinding attack framework.
rverton/webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
3nock/SpiderSuite
Advance web security spider/crawler
OWASP/OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
google/csp-evaluator
step-security/wait-for-secrets
Publish from GitHub Actions using multi-factor authentication
OWASP/www-project-top-10-ci-cd-security-risks
OWASP Foundation Web Respository