St0rm-85's Stars
defparam/smuggler
Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3
j3ssie/metabigor
OSINT tools and more but without API key
richiemann/vietnam-password-lists
Lists of most common passwords in Vietnam
bitsadmin/wesng
Windows Exploit Suggester - Next Generation
AonCyberLabs/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
rust-lang/rust
Empowering everyone to build reliable and efficient software.
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
robertdavidgraham/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
sherlock-project/sherlock
Hunt down social media accounts by username across social networks
tsug0d/MyAwesomeWebChallenge
Collection of my capture-the-flag web challenge in any levels
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
ffuf/ffuf
Fast web fuzzer written in Go
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
s0md3v/Arjun
HTTP parameter discovery suite.
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
michenriksen/aquatone
A Tool for Domain Flyovers
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
tsug0d/LearnJavaVulnerability
Things help you get started with Java Vulnerability
kubernetes/kubernetes
Production-Grade Container Scheduling and Management
qazbnm456/awesome-web-security
🐶 A curated list of Web Security materials and resources.
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
owasp-modsecurity/ModSecurity
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. It has a robust event-based programming language which provides protection from a range of attacks against web applications and allows for HTTP traffic monitoring, logging and real-time analysis.
ArjunSharda/Searchor
⚡️ Quick and easy searching tasks in one library.
rverton/webanalyze
Port of Wappalyzer (uncovers technologies used on websites) to automate mass scanning.
tomnomnom/gf
A wrapper around grep, to help you grep for things
hungdont85/golangPractice
St0rm-85/security-on-github
jwasham/coding-interview-university
A complete computer science study plan to become a software engineer.
public-apis/public-apis
A collective list of free APIs