manuel-sommer's Stars
ohmyzsh/ohmyzsh
🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python, etc), 140+ themes to spice up your morning, and an auto-update tool that makes it easy to keep up with the latest updates from the community.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
alex/what-happens-when
An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
goharbor/harbor
An open source trusted cloud native registry project that stores, signs, and scans content.
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
ffuf/ffuf
Fast web fuzzer written in Go
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
PWhiddy/PokemonRedExperiments
Playing Pokemon Red with Reinforcement Learning
guardicore/monkey
Infection Monkey - An open-source adversary emulation platform
sobolevn/awesome-cryptography
A curated list of cryptography resources and links.
jtesta/ssh-audit
SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
chromium/badssl.com
:lock: Memorable site for testing clients against bad SSL configs.
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
s0md3v/Striker
Striker is an offensive information and vulnerability scanner.
DanMcInerney/xsscrapy
XSS spider - 66/66 wavsep XSS detected
microsoft/sbom-tool
The SBOM tool is a highly scalable and enterprise ready tool to create SPDX 2.2 compatible SBOMs for any variety of artifacts.
hysnsec/awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
openclarity/openclarity
OpenClarity is an open source tool built to enhance security and observability of cloud native applications and infrastructure
nemesida-waf/waf-bypass
Check your WAF before an attacker does
m8sec/subscraper
Subdomain and target enumeration tool built for offensive security testing
devanshbatham/OpenRedireX
A fuzzer for detecting open redirect vulnerabilities
fgeek/pyfiscan
Free web-application vulnerability and version scanner
antichown/subdomain-takeover
Subdomain Takeover Scanner | Subdomain Takeover Tool | by 0x94
prbinu/tls-scan
An Internet scale, blazing fast SSL/TLS scanner ( non-blocking, event-driven )
carlospolop/fuzzhttpbypass
This tool use fuuzzing to try to bypass unknown authentication methods, who knows...
vavkamil/xss2png
PNG IDAT chunks XSS payload generator
brianlam38/AWS-Certified-Security-Specialty
AWS Certified Security Specialty (2020) course notes
alirezac0/urlyzer
URLyzer is a tool written in GoLang that extracts words from URLs and generates a wordlist with mutation
andytumelty/github-contribution-writer
dharmendranegi/-Python-CI-CD-Tutorial-
This project will help you to understand how to integrate GitLab CI/CD for AWS using Serverless Framwork.