had-nu
Master's Degree Student in Information Systems | Application Security & Cyber Risk Management Researcher | Application Security Architect Trainee
Braga, Portugal
Pinned Repositories
Automated-AppSec-Toolbox
This repository integrates tools for automated security testing within CI/CD pipelines, including SAST, DAST, IAST, and IaC. It enables early detection of vulnerabilities and compliance risks, mapping sensitive data flows to identify Personally Identifiable Information (PII).
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
containerized-poc-environment
Containerized development environment to streamline Proof of Concept (PoC) implementations.
sast-module
Repositório exclusivo para gerenciar a ferramenta de SAST do AppSec Toolbook
osintgpt
An open-source intelligence (OSINT) analysis tool leveraging GPT-powered embeddings and vector search engines for efficient data processing
threat-dragon
An open source threat modeling tool from OWASP
tlosint-live
Trace Labs OSINT Linux Distribution based on Kali.
yarAnalyzer
Yara Rule Analyzer and Statistics
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
analise_de_dados_Python_Pandas_Genetica
Todo trabalho feito durante a semana de Imersão de Dados da Alura
had-nu's Repositories
had-nu/appsec-framework
This repository is the final deliverable of my master's project, centered on developing an Application Security Framework (ASF). The goal is to establish a comprehensive strategy for embedding secure practices throughout the Software Development Lifecycle (SDLC).
had-nu/Automated-AppSec-Verify-CICD-Pipelines
This repository integrates tools for automated security testing within CI/CD pipelines, including SAST, DAST, IAST, and IaC. It enables early detection of vulnerabilities and compliance risks, mapping sensitive data flows to identify Personally Identifiable Information (PII).
had-nu/DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
had-nu/osintgpt
An open-source intelligence (OSINT) analysis tool leveraging GPT-powered embeddings and vector search engines for efficient data processing
had-nu/threat-dragon
An open source threat modeling tool from OWASP
had-nu/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
had-nu/ASVS
Application Security Verification Standard
had-nu/awesome-yara
A curated list of awesome YARA rules, tools, and people.
had-nu/bzar
A set of Zeek scripts to detect ATT&CK techniques.
had-nu/car
Cyber Analytics Repository
had-nu/connectors
OpenCTI Connectors
had-nu/datafolioProjects
This GitHub repository serves as a central location for all of the code and queries used in the portfolio projects created by a junior data analyst. The purpose of this repository is to showcase the analyst's technical skills and understanding of various data analysis tools and techniques to potential employers and students.
had-nu/DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
had-nu/ffuf
Fast web fuzzer written in Go
had-nu/gobuster
Directory/File, DNS and VHost busting tool written in Go
had-nu/hadnu
a brief presentation
had-nu/hashcat
World's fastest and most advanced password recovery utility
had-nu/instaloader
Download pictures (or videos) along with their captions and other metadata from Instagram.
had-nu/john
John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs
had-nu/Loki
Loki - Simple IOC and YARA Scanner
had-nu/Osintgram
Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname
had-nu/OWASP-Top-10-for-Docker-Containers-and-Kubernetes-Security
OWASP Top 10 for Docker Containers and Kubernetes Security, by EC-Council
had-nu/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
had-nu/SOC-Interview-Questions
SOC Interview Questions
had-nu/sysmon-config
Sysmon configuration file template with default high-quality event tracing
had-nu/theHarvester
E-mails, subdomains and names Harvester - OSINT
had-nu/Top10
Official OWASP Top 10 Document Repository
had-nu/WhatsMyName
This repository has the JSON file required to perform user enumeration on various websites.
had-nu/yara
The pattern matching swiss knife
had-nu/yarGen
yarGen is a generator for YARA rules