mgv

mgv's Stars

• puresec/sas-top-10

  Serverless Architectures Security Top 10 Guide

  33345

• nccgroup/ScoutSuite

  Multi-Cloud Security Auditing Tool

  Language:Python6.8k1.1k

• pr0cf5/kernel-exploit-practice

  repository for kernel exploit practice

  Language:Batchfile38849

• physics-sec/DetectCrossOriginMessaging

  This Burp extension helps you to find usages of postMessage and recvMessage

  Language:Python155

• pomerium/awesome-security-audits

  A collection of public security audits.

  20617

• xairy/vmware-exploitation

  A collection of links related to VMware escape exploits

  1.4k208

• ticarpi/jwt_tool

  :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

  Language:Python5.5k672

• urbanadventurer/WhatWeb

  Next generation web scanner

  Language:Ruby5.6k909

• tomnomnom/unfurl

  Pull out bits of URLs provided on stdin

  Language:Go1.1k123

• orangetw/Tiny-URL-Fuzzer

  A tiny and cute URL fuzzer

  Language:Python38783

• byt3bl33d3r/WitnessMe

  Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.

  Language:Python734109

• mirfansulaiman/Command-Mobile-Penetration-Testing-Cheatsheet

  Mobile penetration testing android & iOS command cheatsheet

  353110

• tyranid/WindowsRpcClients

  This respository is a collection of C# class libraries which implement RPC clients for various versions of the Windows Operating System from 7 to Windows 10.

  Language:C#26951

• ripienaar/free-for-dev

  A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev

  Language:HTML90.4k9.8k

• fuzzitdev/pythonfuzz

  coverage guided fuzz testing for python

  Language:Python22332

• HoLyVieR/prototype-pollution-nsec18

  Content released at NorthSec 2018 for my talk on prototype pollution

  Language:JavaScript51578

• Consensys/smart-contract-best-practices

  A guide to smart contract security best practices

  Language:HTML7.5k1.5k

• WithSecureLabs/C3

  Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

  Language:C++1.5k271

• andresriancho/vpc-vpn-pivot

  Pivot into private VPC networks using a VPN connection

  Language:Python419

• nccgroup/tracy

  A tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.

  Language:JavaScript55469

• gquere/pwn_jenkins

  Notes about attacking Jenkins servers

  Language:Python2k323

• vulhub/vulhub

  Pre-Built Vulnerable Environments Based on Docker-Compose

  Language:Dockerfile17.9k4.5k

• phpstan/phpstan

  PHP Static Analysis Tool - discover bugs in your code without running it!

  Language:PHP13k890

• trailofbits/algo

  Set up a personal VPN in the cloud

  Language:Jinja29k2.3k

• allanlw/svg-cheatsheet

  A cheatsheet for exploiting server-side SVG processors.

  69692

• daeken/httprebind

  Automatic tool for DNS rebinding-based SSRF attacks

  Language:Python29551

• doyensec/electronegativity

  Electronegativity is a tool to identify misconfigurations and security anti-patterns in Electron applications.

  Language:JavaScript97266

• fnk0c/cangibrina

  A fast and powerfull dashboard (admin) finder

  Language:Python22579

• clirimemini/Keye

  Keye is a reconnaissance tool that was written in Python with SQLite3 integrated. After adding a single URL, or a list of URLs, it will make a request to these URLs and try to detect changes based on their response's body length.

  Language:Python10033

• tldr-pages/tldr

  📚 Collaborative cheatsheets for console commands

  Language:Markdown51.5k4.2k