mestizo's Stars
BishopFox/sj
A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.
securitytemplates/sectemplates
Open source templates you can use to bootstrap your security programs
projectdiscovery/notify
Notify is a Go-based assistance package that enables you to stream the output of several tools (or read from a file) and publish it to a variety of supported platforms.
mschwager/route-detect
Find authentication (authn) and authorization (authz) security bugs in web application routes.
projectdiscovery/cloudlist
Cloudlist is a tool for listing Assets from multiple Cloud Providers.
Privado-Inc/privado
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
tanprathan/OWASP-Testing-Checklist
OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
VladimirMikulic/route-list
Beautifully shows Express/Koa/Hapi/Fastify routes in CLI.
GeoffWalton/UUID-Watcher
A small burp extension - to watch for UUID/GUIDs in request parameters, and report on what responses those UUIDs are found in - excluding reflected ones. The tool helps find security problems in apps and APIs relying on key discovery being impossible.
elttam/semgrep-rules
Orange-Cyberdefense/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
CyberSecurityUP/OSCE3-Complete-Guide
OSWE, OSEP, OSED, OSEE
dolevf/graphql-cop
Security Auditor Utility for GraphQL APIs
trickest/cve
Gather and update all available and newest CVEs with their PoC.
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
palark/ovpn-admin
Simple web UI to manage OpenVPN users.
docker/awesome-compose
Awesome Docker Compose samples
ibraheemdev/modern-unix
A collection of modern/faster/saner alternatives to common unix commands.
AppThreat/sast-scan
Fully open-source SAST scanner supporting a range of languages and frameworks. Integrates with major CI pipelines and IDE such as Azure DevOps, Google CloudBuild, VS Code and Visual Studio. No server required!
tanprathan/MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide a concise collection of high value information on specific mobile application penetration testing topics.
securingdev/awesome-stickers
A collection of scanned, high-resolution Hacker / Information Security Stickers from various conferences
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
infoslack/awesome-web-hacking
A list of web application security
screetsec/Dracnmap
Dracnmap is an open source program which is used to exploit the network and gather information with the help of nmap. The nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scanning by utilizing the script engine of nmap, and nmap can perform various automatic scanning techniques with the advanced commands.
aaronweaver/security-bot
A simple Beep Boop ready starter project in Python
herrbischoff/awesome-macos-command-line
Use your macOS terminal shell to do awesome things.
Neo23x0/Loki
Loki - Simple IOC and YARA Scanner
mubix/cfdb
Common Findings Database
darryllane/Bluto-Old
Recon, Subdomain Bruting, Zone Transfers
chanon-m/SIP-Healthy
SIP Service Monitoring and Call Quality with Check_MK Nagios