itsnek's Stars
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
janl/mustache.js
Minimal templating with {{mustaches}} in JavaScript
frida/frida
Clone this repo to build Frida
earthly/earthly
Super simple build framework with fast, repeatable builds and an instantly familiar syntax – like Dockerfile and Makefile had a baby.
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
kgretzky/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
apple/pkl
A configuration as code language with rich validation and tooling.
digininja/DVWA
Damn Vulnerable Web Application (DVWA)
drwetter/testssl.sh
Testing TLS/SSL encryption anywhere on any port
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
presidentbeef/brakeman
A static analysis security vulnerability scanner for Ruby on Rails applications
cuckoosandbox/cuckoo
Cuckoo Sandbox is an automated dynamic malware analysis system
SwiftOnSecurity/sysmon-config
Sysmon configuration file template with default high-quality event tracing
amlweems/xzbot
notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
google/honggfuzz
Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)
decalage2/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
MegaManSec/SSH-Snake
SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery.
dotnet/android
.NET for Android provides open-source bindings of the Android SDK for use with .NET managed languages such as C#
groundcover-com/caretta
Instant K8s service dependency map, right to your Grafana.
arttor/helmify
Creates Helm chart from Kubernetes yaml
emberstack/kubernetes-reflector
Custom Kubernetes controller that can be used to replicate secrets, configmaps and certificates.
google/fuzzbench
FuzzBench - Fuzzer benchmarking as a service.
decalage2/ViperMonkey
A VBA parser and emulation engine to analyze malicious macros.
Neo23x0/Raccine
A Simple Ransomware Vaccine
YuriiCrimson/ExploitGSM
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
trendmicro/tlsh
reviewdog/action-brakeman
Run brakeman with reviewdog 🐶
gmellini/Microsoft-Defender-Security-Center-Hunting-Queries
Hunting Queries for Microsoft Defender Security Center https://docs.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-atp/advanced-hunting-overview