antonini's Stars
prowler-cloud/prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
projectdiscovery/subfinder
Fast passive subdomain enumeration tool.
aboul3la/Sublist3r
Fast subdomains enumeration tool for penetration testers
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
mitre/caldera
Automated Adversary Emulation Platform
EdOverflow/can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
guelfoweb/knock
Knock Subdomain Scan
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
rabobank-cdc/DeTTECT
Detect Tactics, Techniques & Combat Threats
salesforce/policy_sentry
IAM Least Privilege Policy Generator
magnologan/awesome-k8s-security
A curated list for Awesome Kubernetes Security resources
salesforce/cloudsplaining
Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.
screetsec/Sudomy
Sudomy is a subdomain enumeration tool to collect subdomains and analyzing domains performing automated reconnaissance (recon) for bug hunting / pentesting
eth0izzle/bucket-stream
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
bridgecrewio/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
kolide/fleet
A flexible control server for osquery fleets
duo-labs/parliament
AWS IAM linting library
RhinoSecurityLabs/AWS-IAM-Privilege-Escalation
A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.
duo-labs/cloudtracker
CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
Obbut/iCloud-Control
User-controlled selective sync for iCloud Drive
WithSecureLabs/leonidas
Automated Attack Simulation in the Cloud, complete with detection use cases.
bacen/pix-dict-quickstart
Quickstart da API do DICT
bacen/pix-dict-api
API do DICT - Diretório de Identificadores de Contas Transacionais
hadiasghari/pyasn
Python IP address to Autonomous System Number lookup module. (Supports fast local lookups, and historical lookups using archived BGP dumps.)
gelim/nmap-erpscan
Nmap custom probes for better detecting SAP services
chacka0101/exploits
Exploits project Hacking Command Center
akamai/cli-terraform
Akamai CLI plugin Admin Support for multiple OpenAPI resource types
obezuk/cf-worker-aws-fetch
ianaraujo/idiv-dividend-analysis
Análise das empresas do Índice de Dividendos da B3 (IDIV), estimativa do retorno aos acionistas, cálculo do DY nos últimos anos e preço-teto por ação.
AfonsoFeliciano/Python-Web-Scraping-Status-Invest
Coleta de dados de fundos imobiliários no site status invest