aSapien's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
alex/what-happens-when
An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
ibraheemdev/modern-unix
A collection of modern/faster/saner alternatives to common unix commands.
ToolJet/ToolJet
Low-code platform for building business applications. Connect to databases, cloud storages, GraphQL, API endpoints, Airtable, Google sheets, OpenAI, etc and build apps using drag and drop application builder. Built using JavaScript/TypeScript. 🚀
hemanth/functional-programming-jargon
Jargon from the functional programming world in simple terms!
imthenachoman/How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server.
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
anderspitman/awesome-tunneling
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
sundowndev/hacker-roadmap
A collection of hacking tools, resources and references to practice ethical hacking.
awslabs/git-secrets
Prevents you from committing secrets and credentials into git repositories
vanhauser-thc/thc-hydra
hydra
draios/sysdig
Linux system exploration and troubleshooting tool with first class support for containers
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
projectdiscovery/httpx
httpx is a fast and multi-purpose HTTP toolkit that allows running multiple probes using the retryablehttp library.
mxssl/sre-interview-prep-guide
Site Reliability Engineer Interview Preparation Guide
cipher387/osint_stuff_tool_collection
A collection of several hundred online tools for OSINT
secfigo/Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Yelp/detect-secrets
An enterprise friendly way of detecting and preventing secrets in code.
epinna/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
IlanCosman/tide
🌊 The ultimate Fish prompt.
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
fofapro/fapro
Fake Protocol Server
ossf/allstar
GitHub App to set and enforce security policies
alcideio/rbac-tool
Rapid7 | insightCloudSec | Kubernetes RBAC Power Toys - Visualize, Analyze, Generate & Query
ksoclabs/awesome-kubernetes-security
A curated list of awesome Kubernetes security resources
EFForg/apkeep
sysdiglabs/kubectl-dig
Deep kubernetes visibility from the kubectl
magoo/ato-checklist
A checklist of practices for organizations dealing with account takeover (ATO)
boynux/squid-exporter
Squid Prometheus Exporter