Pinned Repositories
apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
awesome-pentest-tools-in-colab
A curated list of awesome Penetration Testing Tools ported to Google Colab to make faster and easier to execute and test.
brinhosa-nuclei-templates
CVE-2022-22963-Spring-cloud-function-SpEL-RCE
Spring-cloud-function-SpEL-RCE 批量检测脚本,反弹shell_EXP,欢迎师傅们试用
devsecops
github_cves_search
Find CVEs associated to Linux and public exploits on github
payloads
Payloads for Web Application Security Testing
spring4shell-CVE-2022-22965-massive-scan
tools
workshop-desenvolvimento-seguro
brinhosa's Repositories
brinhosa/devsecops
brinhosa/One-Liner-Scripts
A collection of awesome one-liner scripts for bug bounty hunting.
brinhosa/awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
brinhosa/cloudsploit
Cloud Security Posture Management (CSPM)
brinhosa/community
This repository holds the content submitted to https://cloud.google.com/community. Files added to the tutorials/ directory will appear at https://cloud.google.com/community/tutorials.
brinhosa/cve
Gather and update all available and newest CVEs with their PoC.
brinhosa/CVE-2022-0847-DirtyPipe-Exploit
A root exploit for CVE-2022-0847 (Dirty Pipe)
brinhosa/dd-import
A utility to (re-)import findings and language data into DefectDojo
brinhosa/Dejavu
DejaVU - Open Source Deception Framework
brinhosa/devops-directive-terraform-course
brinhosa/DevSecOps-MaturityModel
brinhosa/dockle
Container Image Linter for Security, Helping build the Best-Practice Docker Image, Easy to start
brinhosa/Duplicate-Image-Finder
difPy - Python package for finding duplicate images within a folder.
brinhosa/inventory
Asset inventory on public bug bounty programs.
brinhosa/kubernetes-goat
Kubernetes Goat 🐐 is a "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security 🔐
brinhosa/ldapsearch-ad
Python3 script to quickly get various information from a domain controller through his LDAP service.
brinhosa/maven-security-versions
Identify vulnerable libraries in Maven dependencies
brinhosa/meg
Fetch many paths for many hosts - without killing the hosts
brinhosa/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
brinhosa/NuGetDefense
An MSBuildTask that checks for known vulnerabilities. Inspired by OWASP SafeNuGet.
brinhosa/pagodo
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
brinhosa/Parth
Heuristic Vulnerable Parameter Scanner
brinhosa/pyotp
Python One-Time Password Library
brinhosa/retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities
brinhosa/S3Scanner
Scan for open S3 buckets and dump the contents
brinhosa/static-analysis
⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.
brinhosa/training-kubernetes-security
brinhosa/uncover
Quickly discover exposed hosts on the internet using multiple search engine.
brinhosa/username-anarchy
Username tools for penetration testing
brinhosa/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.