elliottl's Stars
securifybv/Visual-Studio-BOF-template
A Visual Studio template used to create Cobalt Strike BOFs
UberGuidoZ/Flipper
Playground (and dump) of stuff I make or modify for the Flipper Zero
cr0hn/vulnerable-node
A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
z0m31en7/deauthalyzer
Deauthalyzer is a script designed to monitor WiFi networks and detect deauthentication attacks. It utilizes packet sniffing and analysis techniques to identify deauthentication attack packets and provide relevant information about the attack.
appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
ajinabraham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
nodejs/security-wg
Node.js Ecosystem Security Working Group
NightRang3r/P4wnP1-A.L.O.A.-Payloads
payloads for P4wnP1 A.L.O.A
I-Am-Jakoby/PowerShell-for-Hackers
This repository is a collection of powershell functions every hacker should know
logickworkshop/Flipper-IRDB
A collective of different IRs for the Flipper
ory/hydra
The most scalable and customizable OpenID Certified™ OpenID Connect and OAuth Provider on the market. Become an OpenID Connect and OAuth2 Provider over night. Broad support for related RFCs. Written in Go, cloud native, headless, API-first. Available as a service on Ory Network and for self-hosters.
flipkart-incubator/Astra
Automated Security Testing For REST API's
arainho/awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
roottusk/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
InsiderPhD/Generic-University
Vulnerable API
PortSwigger/log-requests-to-sqlite
BURP extension to record every HTTP request send via BURP and create an audit trail log of an assessment.
PortSwigger/oauth-scan
Burp Suite Extension useful to verify OAUTHv2 and OpenID security
Cyber-Guy1/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
yosriady/awesome-api-devtools
:books: A collection of useful resources for building RESTful HTTP+JSON APIs.
rose-pine/startpage
Soho vibes for Startpage
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
web3coach/the-blockchain-bar
The source-code for: "Build a Blockchain from Scratch in Go" eBook.
FDlucifer/Proxy-Attackchain
Proxylogon & Proxyshell & Proxyoracle & Proxytoken & All exchange server history vulns summarization :)
simplesamlphp/SAML-tracer
Browser extension for examining SAML messages
crewjam/saml
SAML library for go
Tikam02/Web3.0_Vault
A Vault for Web3.0 Resources
SimonWaldherr/golibs
general purpose Golang code (to be included in other projects)
safebuffer/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
byt3bl33d3r/DeathStar
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks