Pinned Repositories
apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
awesome-pentest-tools-in-colab
A curated list of awesome Penetration Testing Tools ported to Google Colab to make faster and easier to execute and test.
brinhosa-nuclei-templates
CVE-2022-22963-Spring-cloud-function-SpEL-RCE
Spring-cloud-function-SpEL-RCE 批量检测脚本,反弹shell_EXP,欢迎师傅们试用
devsecops
github_cves_search
Find CVEs associated to Linux and public exploits on github
payloads
Payloads for Web Application Security Testing
spring4shell-CVE-2022-22965-massive-scan
tools
workshop-desenvolvimento-seguro
brinhosa's Repositories
brinhosa/4-ZERO-3
403/401 Bypass Methods + Bash Automation + Your Support ;)
brinhosa/awesome-containerized-security
A collection of tools to improve your containerized apps security posture
brinhosa/docker-slim
DockerSlim (docker-slim): Don't change anything in your Docker container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)
brinhosa/dockerfiles
:whale: A collection of docker recipes 🇺🇦
brinhosa/mobsfscan
mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.
brinhosa/presentations
brinhosa/theHarvester
E-mails, subdomains and names Harvester - OSINT
brinhosa/unfurl
Pull out bits of URLs provided on stdin
brinhosa/whispers
Identify hardcoded secrets in static structured text
brinhosa/aquatone-docker
Aquatone (go version) docker image
brinhosa/AV-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
brinhosa/Bug-Bounty-Tips
A collection of notes, checklists, writeups on bug bounty hunting and web application security.
brinhosa/certified-kubernetes-security-specialist
brinhosa/core
Core model including reused documentation
brinhosa/CVE-2022-30190
MS-MSDT Follina CVE-2022-30190 PoC document generator
brinhosa/DevSecOps-Pipelines
Application Security pipelines
brinhosa/fossology
FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.
brinhosa/gitleaks
Scan git repos (or files) for secrets using regex and entropy 🔑
brinhosa/google-slides-images-filler
:framed_picture: This project automatically adds whatever images you want to your Google Slides presentation in a customizable way!
brinhosa/kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
brinhosa/linux-tools
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
brinhosa/MonarcAppFO
MONARC - Method for an Optimised aNAlysis of Risks by @CASES-LU
brinhosa/RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
brinhosa/scilla
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
brinhosa/skf-flask
Security Knowledge Framework (SKF) Python Flask / Angular project
brinhosa/tbhm
The Bug Hunters Methodology
brinhosa/tflint
A Pluggable Terraform Linter
brinhosa/tinyproxy
brinhosa/ViTee
Virus Total Free - IOC parser and report generator
brinhosa/zabbix-zbxsec-7