Pinned Repositories
apidetector
APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.
awesome-pentest-tools-in-colab
A curated list of awesome Penetration Testing Tools ported to Google Colab to make faster and easier to execute and test.
brinhosa-nuclei-templates
CVE-2022-22963-Spring-cloud-function-SpEL-RCE
Spring-cloud-function-SpEL-RCE 批量检测脚本,反弹shell_EXP,欢迎师傅们试用
devsecops
github_cves_search
Find CVEs associated to Linux and public exploits on github
payloads
Payloads for Web Application Security Testing
spring4shell-CVE-2022-22965-massive-scan
tools
workshop-desenvolvimento-seguro
brinhosa's Repositories
brinhosa/Bug-Hunting-With-Bash
Cool One Liners at one place to make your recon and bug bounty skills better !
brinhosa/cysectests
brinhosa/fastssh
Fast SSH Scan and BruteForcer for most common credentials.
brinhosa/OSCP-A-Step-Forward
Opening the door, one reverse shell at a time
brinhosa/awesome-osint
:scream: A curated list of amazingly awesome OSINT
brinhosa/Best-Penetration-Tools-
Best Penetration Tools | أفضل أدوات الاختراق
brinhosa/BruteDum
BruteDum - Brute Force attacks SSH, FTP, Telnet, PostgreSQL, RDP, VNC with Hydra, Medusa and Ncrack
brinhosa/Bug-Bounty-Tools
Random Tools for Bug Bounty
brinhosa/container-app-security-cicd
Using AWS for GitHub Actions and various security features available through AWS Container Services like Amazon ECS, AWS Fargate, and Amazon ECR, this repository demonstrates an automated build and deploy pipeline using GitHub Actions from application code to deploying an ECS service using Fargate. In the process, it also uses AWS KMS integration with ECR and ECR on-push scanning features to demonstrate security integration at various stages of an automated build process to help deploy security and compliance controls.
brinhosa/cs-video-courses
List of Computer Science courses with video lectures.
brinhosa/docker-nuke
Removes all docker containers, images, and volumes.
brinhosa/EKS-Training
Materials for an online EKS class
brinhosa/gauplus
brinhosa/GitMiner
Tool for advanced mining for content on Github
brinhosa/google-scholar-network-scraping
brinhosa/h_wordlist
The wordlists that have been compiled using disclosed reports at HackerOne bug bounty platform
brinhosa/honeyLambda
honeyλ - a simple, serverless application designed to create and monitor fake HTTP endpoints (i.e. URL honeytokens) automatically, on top of AWS Lambda and Amazon API Gateway
brinhosa/MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
brinhosa/MartianHacks
A jupyter notebook that contains the main commands executed during a penetration test
brinhosa/MyPapers
Repository for hosting my research papers
brinhosa/onions-training-scripts
Scripts used to automate some tasks during trainings and webinars
brinhosa/OSCP
OSCP ( Offensive Security Certified Professional )
brinhosa/OSCP-Prep
A comprehensive guide/material for anyone looking to get into infosec or take the OSCP exam
brinhosa/OSCP-PWK-Notes-Public
:squirrel: Optixal's Offensive Security Certified Professional (OSCP) / Penetration Testing with Kali Linux (PWK) Personal Notes :computer:
brinhosa/payloads-1
Git All the Payloads! A collection of web attack payloads.
brinhosa/recursive-virustotal
Recursively calculates the hash of all files in a given path and checks them against the Virustotal threat database
brinhosa/terrafirma
A static analysis tool for Terraform plans.
brinhosa/threat-modeling-manifesto
Threat Modeling Manifesto
brinhosa/tiscripts
Turbo Intruder Scripts
brinhosa/urldedupe
Pass in a list of URLs with query strings, get back a unique list of URLs and query string combinations