Pinned Repositories
awesome-security-articles
This repository contains links to awesome security articles.
aws-signing-for-owasp-zap
A ZAP Help Add-On Script for signing requests to AWS
f5-asm-ip-exception-bulk-add
f5-waf-enforce-sig-CVE-2021-44228
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device
f5-waf-enforce-sig-Spring4Shell
This enforces F5 WAF signatures for Spring4Shell and Spring Cloud vulnerabilities across all policies on a BIG-IP ASM device
gcp_security
Google Cloud Platform Security
jwtbf
Simple script to brute force JWT token signature
ms17-010
This contains a bundle with an executable to exploit ms17-010 remote or locally. It does not require Python.
slowdos_detector
slowdos_detector is Python tool to detect Slow HTTP DoS Attack (GET and POST) on pcap files.
smbclient_cheatsheet
Useful commands/tricks using smbclient/nmap in a pentesting/auditing/redteaming
irgoncalves's Repositories
irgoncalves/smbclient_cheatsheet
Useful commands/tricks using smbclient/nmap in a pentesting/auditing/redteaming
irgoncalves/awesome-security-articles
This repository contains links to awesome security articles.
irgoncalves/ms17-010
This contains a bundle with an executable to exploit ms17-010 remote or locally. It does not require Python.
irgoncalves/f5-waf-enforce-sig-Spring4Shell
This enforces F5 WAF signatures for Spring4Shell and Spring Cloud vulnerabilities across all policies on a BIG-IP ASM device
irgoncalves/f5-waf-enforce-sig-CVE-2021-44228
This enforces signatures for CVE-2021-44228 across all policies on a BIG-IP ASM device
irgoncalves/gcp_security
Google Cloud Platform Security
irgoncalves/jwtbf
Simple script to brute force JWT token signature
irgoncalves/slowdos_detector
slowdos_detector is Python tool to detect Slow HTTP DoS Attack (GET and POST) on pcap files.
irgoncalves/f5-asm-ip-exception-bulk-add
irgoncalves/aws-signing-for-owasp-zap
A ZAP Help Add-On Script for signing requests to AWS
irgoncalves/f5-waf-quick-patch-cve-2021-44228
This tool creates a custom signature set on F5 WAF and apply to policies in blocking mode
irgoncalves/f5-waf-quick-view
F5 Adv. WAF/ASM policies quick view.
irgoncalves/Awesome-WAF
🔥 Everything awesome about web-application firewalls (WAF).
irgoncalves/irule-cve-2022-22965
irgoncalves/make-htdigest
This simple tool creates username/password combination for HTTP Digest Authentication. It can be used for password lookup during password auditing/assessment/pen-testing for WildFly / JBoss / Apache.
irgoncalves/barracuda-user-enum-exploit
Barracuda Platform (NGFW and ADC) brute force user enum using side channel
irgoncalves/bugbounty-scans
aquatone results for sites with bug bountys
irgoncalves/community-scripts
A collection of ZAP scripts provided by the community - pull requests very welcome!
irgoncalves/container-security-checklist
Checklist for container security - devsecops practices
irgoncalves/cryptonice
CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.
irgoncalves/f5-distributed-cloud-labs-101
Introduction to Volterra lab environment
irgoncalves/f5-waf-tester
Web Application Firewall Security Testing Tool
irgoncalves/f5_terraform
Terraform deployments for BIG-IP in public cloud environments (AWS, Azure, Google). F5 Automation Toolchain is used for easier device and app configuration.
irgoncalves/open-source-web-scanners
A list of open source web security scanners
irgoncalves/search
Search is a simple text search to look for various words within files on a give folder.
irgoncalves/tempo
Username Enumeration tool using Side-Channel (Timing) over HTTP
irgoncalves/terraform-gcp-bigip-module
Terraform module for Deploying BIG-IP in GCP
irgoncalves/wstg
The Web Security Testing Guide is a comprehensive open source guide to testing the security of web applications and web services.