mekin's Stars
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
google/paranoid_crypto
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
riza/linx
Reveals invisible links within JavaScript files
nccgroup/exploit_mitigations
Knowledge base of exploit mitigations available across numerous operating systems, architectures and applications and versions.
6mile/DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
anderspitman/awesome-tunneling
List of ngrok/Cloudflare Tunnel alternatives and other tunneling software and services. Focus on self-hosting.
krol3/container-security-checklist
Checklist for container security - devsecops practices
CloudSecurityAlliance/gsd-database
Global Security Database
emalderson/ThePhish
ThePhish: an automated phishing email analysis tool
positive-security/send-my
Upload arbitrary data via Apple's Find My network.
cisagov/log4j-scanner
log4j-scanner is a project derived from other members of the open-source community by CISA to help organizations identify potentially vulnerable web services affected by the log4j vulnerabilities.
dgtlmoon/changedetection.io
The best and simplest free open source web page change detection, website watcher, restock monitor and notification service. Restock Monitor, change detection. Designed for simplicity - Simply monitor which websites had a text change for free. Free Open source web page change detection, Website defacement monitoring, Price change notification
e-m-b-a/embark
EMBArk - The firmware security scanning environment
niespodd/browser-fingerprinting
Analysis of Bot Protection systems with available countermeasures 🚿. How to defeat anti-bot system 👻 and get around browser fingerprinting scripts 🕵️♂️ when scraping the web?
rung/threat-matrix-cicd
Threat matrix for CI/CD Pipeline
CanIPhish/Phishious
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
curated-intel/Initial-Access-Broker-Landscape
A visualized overview of the Initial Access Broker (IAB) cybercrime landscape
TCM-Course-Resources/Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
google/fully-homomorphic-encryption
An FHE compiler for C++
BishopFox/sliver
Adversary Emulation Framework
google/kctf
kCTF is a Kubernetes-based infrastructure for CTF competitions. For documentation, see
WesleyBranton/Outlook.com-mailto
Add Outlook.com as a default email provider for all mailto links in Firefox.
center-for-threat-informed-defense/attack-control-framework-mappings
🚨ATTENTION🚨 The NIST 800-53 mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
qeeqbox/social-analyzer
API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites
ossf-cve-benchmark/ossf-cve-benchmark
The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebases using a variety of static analysis security testing (SAST) tools and generate reports to evaluate those tools.
nccgroup/Carnivore
Tool for assessing on-premises Microsoft servers authentication such as ADFS, Skype, Exchange, and RDWeb
microsoft/restler-fuzzer
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
microsoft/rest-api-fuzz-testing
REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows
jakejarvis/awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Lissy93/personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024