mdeous's Stars
requarks/wiki
Wiki.js | A modern and powerful wiki app built on Node.js
shieldfy/API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
mozilla/send
Simple, private file sharing from the makers of Firefox
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
ytisf/theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
quay/clair
Vulnerability Static Analysis for Containers
docker/docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
securego/gosec
Go security checker
aquasecurity/kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
guardicore/monkey
Infection Monkey - An open-source adversary emulation platform
pwn20wndstuff/Undecimus
unc0ver jailbreak for iOS 11.0 - 12.4
crytic/slither
Static Analyzer for Solidity and Vyper
noble/noble
A Node.js BLE (Bluetooth Low Energy) central module
ambionics/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
freach/kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide
rewardone/OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
secretsquirrel/SigThief
Stealing Signatures and Making One Invalid Signature at a Time
d3vilbug/HackBar
HackBar plugin for Burpsuite
cr0hn/dockerscan
Docker security analysis & hacking tools
WithSecureLabs/needle
The iOS Security Testing Framework
prateek147/DVIA-v2
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 11. The current version is writen in Swift and has the following vulnerabilities.
riverloopsec/killerbee
IEEE 802.15.4/ZigBee Security Research Toolkit
schutzwerk/CANalyzat0r
Security analysis toolkit for proprietary car protocols
hackgnar/ble_ctf
A Bluetooth low energy capture the flag
rfidtool/ESP-RFID-Tool
A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
outflanknl/Invoke-ADLabDeployer
Automated deployment of Windows and Active Directory test lab networks. Useful for red and blue teams.
designsecurity/progpilot
A static analysis tool for security
staaldraad/xxeserv
A mini webserver with FTP support for XXE payloads
google/GiftStick
1-Click push forensics evidence to the cloud
mozilla-services/GitHub-Audit
INACTIVE - Collection of Tools & Procedures for double checking GitHub configurations