gear0

gear0's Stars

• cisagov/ScubaGear

  Automation to assess the state of your M365 tenant against CISA's baselines

  Language:PowerShell1.6k218

• MicrosoftDocs/SecurityBenchmarks

  Supplemental information and resources for the Security Benchmark documentation available at https://docs.microsoft.com/azure/security/benchmarks/.

  417162

• appdefensealliance/ASA-WG

  46

• aws-samples/fedramp-integrated-inventory-workbook

  This example shows how you can create a Lambda function to retrieve inventory information to create the integrated inventory spreadsheet which can be used as a separate attachment to the FedRAMP System Security Plan (SSP)

  Language:Python209

• aws-samples/serverless-patterns

  Serverless patterns. Learn more at the website: https://serverlessland.com/patterns.

  Language:Python1.6k918

• aws-samples/role-vending-machine

  Language:HCL123

• aws-samples/aws2tf

  aws2tf - automates the importing of existing AWS resources into Terraform and outputs the Terraform HCL code.

  Language:Python573102

• iann0036/iam-dataset

  A consolidated cloud IAM dataset

  Language:Python22823

• nicocha30/ligolo-ng

  An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

  Language:Go2.7k269

• SummitRoute/aws_breaking_changes

  List of changes announced for AWS that may break existing code

  1.3k42

• aws-samples/aws-auto-inventory

  AWS Auto Inventory allows you to quickly and easily generate inventory reports of your AWS resources.

  Language:Python19331

• srlabs/Certiception

  An ADCS honeypot to catch attackers in your internal network.

  Language:Jinja21618

• notthehiddenwiki/NTHW

  Not The Hidden Wiki - The largest repository of links related to cybersecurity

  48255

• 4ndersonLin/awesome-cloud-security

  🛡️ Awesome Cloud Security Resources ⚔️

  2k315

• iknowjason/Awesome-CloudSec-Labs

  Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

  1.4k186

• NicholasSpringer/thunder-ctf

  GCP cloud security CTF

  Language:Python419

• doyensec/wsrepl

  WebSocket REPL for pentesters

  Language:Python19912

• BishopFox/cloudfox

  Automating situational awareness for cloud penetration tests.

  Language:Go1.9k184

• usdAG/cstc

  CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef

  Language:Java21225

• OWASP/owasp-istg

  The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.

  Language:Python899

• francoismichel/ssh3

  SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/

  Language:Go3.3k84

• DefGuard/defguard

  The only _real_ 2FA MFA WireGuard Enterprise VPN with build-in SSO, hardware keys management and more!

  Language:TypeScript1.2k38

• cxiao/rust-malware-gallery

  A collection of malware families and malware samples which use the Rust programming language.

  1289

• The-XSS-Rat/SecurityTesting

  Language:Python1k266

• drduh/YubiKey-Guide

  Guide to using YubiKey for GnuPG and SSH

  Language:HTML11.1k1.2k

• Syslifters/sysreptor

  Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

  Language:Python1.4k132

• infosecn1nja/AD-Attack-Defense

  Attack and defend active directory using modern post exploitation adversary tradecraft activity

  4.4k1k

• vxunderground/VX-API

  Collection of various malicious functionality to aid in malware development

  Language:C++1.5k250

• fin3ss3g0d/evilgophish

  evilginx3 + gophish

  Language:Go1.6k318

• scwuaptx/HITCON-Training

  For Linux binary Exploitation

  Language:C815194