manuel-sommer's Stars
Z4nzu/hackingtool
ALL IN ONE Hacking Tool For Hackers
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
hadolint/hadolint
Dockerfile linter, validate inline bash, written in Haskell
anchore/grype
A vulnerability scanner for container images and filesystems
github/codeql
CodeQL: the libraries and queries that power security researchers around the world, as well as code scanning in GitHub Advanced Security
nccgroup/ScoutSuite
Multi-Cloud Security Auditing Tool
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
vimeo/psalm
A static analysis tool for finding errors in PHP applications
OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
swisskyrepo/SSRFmap
Automatic SSRF fuzzer and exploitation tool
anouarbensaad/vulnx
vulnx 🕷️ an intelligent Bot, Shell can achieve automatic injection, and help researchers detect security vulnerabilities CMS system. It can perform a quick CMS security detection, information collection (including sub-domain name, ip address, country information, organizational information and time zone, etc.) and vulnerability scanning.
trimstray/sandmap
Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
IvanGlinkin/Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
erev0s/VAmPI
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
bridgecrewio/yor
Extensible auto-tagger for your IaC files. The ultimate way to link entities in the cloud back to the codified resource which created it.
faizann24/XssPy
XssPy - Web Application XSS Scanner
dwisiswant0/findom-xss
A fast DOM based XSS vulnerability scanner with simplicity.
Threagile/threagile
Agile Threat Modeling Toolkit
LewisArdern/bXSS
bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.
snoopysecurity/dvws-node
Damn Vulnerable Web Services is a vulnerable application with a web service and an API that can be used to learn about webservices/API related vulnerabilities.
stefanoj3/dirstalk
Modern alternative to dirbuster/dirb
woj-ciech/LeakLooker-X
LeakLooker GUI - Discover, browse and monitor database/source code leaks
merttasci/csrf-poc-generator
this html file creates a csrf poc form to any http request.
globaldatanet/aws-firewall-factory
Enhance the security of your web applications effortlessly with AWS Firewall Factory. Safeguard your valuable assets through seamless WAF deployment, updates, and staging, all centrally managed with AWS Firewall Manager.
MaibornWolff/SecObserve
SecObserve is an open source vulnerability and license management system for software development teams and cloud environments. It supports a variety of open source vulnerability scanners and integrates easily into CI/CD pipelines.
MaibornWolff/dd-import
A utility to (re-)import findings and language data into DefectDojo
Fadavvi/Yara-Repo
A script to collect (the most famous) Yara rules from more than 150 free resources. Free alternative to: https://valhalla.nextron-systems.com/
mesutgungor/server-security
Linux Server Security Hardening Bookmarks
Pratyaksh06/SVGXSS
This repo contains SVG file which has xss payload in it.