mohammadkamrani's Stars
hacksider/Deep-Live-Cam
real time face swap and one-click video deepfake with only a single image
botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
mohammadkamrani/Selenium-Brute-Force
A simple python script for doing brute-force attack using selenium.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
jassics/awesome-aws-security
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
lirantal/awesome-nodejs-security
Awesome Node.js Security resources
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
FWDSEC/burp-auto-gql
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
gitleaks/gitleaks
Protect and discover secrets using Gitleaks 🔑
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
twseptian/oneliner-bugbounty
oneliner commands for bug bounties
OWASP/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
devanshbatham/rayder
A lightweight tool for orchestrating and organizing your bug hunting recon / pentesting command-line workflows
michenriksen/drawio-threatmodeling
Draw.io libraries for threat modeling diagrams
nccgroup/house
A runtime mobile application analysis toolkit with a Web GUI, powered by Frida, written in Python.
m0bilesecurity/RMS-Runtime-Mobile-Security
Runtime Mobile Security (RMS) 📱🔥 - is a powerful web interface that helps you to manipulate Android and iOS Apps at Runtime
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
interlynk-io/sbomqs
SBOM quality score - Quality metrics for your sboms
izar/pytm
A Pythonic framework for threat modeling
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
infosec-au/altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
praetorian-inc/noseyparker
Nosey Parker is a command-line program that finds secrets and sensitive information in textual data and Git history.
s0md3v/AwesomeXSS
Awesome XSS stuff
DependencyTrack/dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
bsm/redislock
Simplified distributed locking implementation using Redis
dependabot/dependabot-script
A simple script that demonstrates how to use Dependabot Core
Guezone/SECMON
SECMON is a web-based tool for the automation of infosec watching and vulnerability management with a web interface.
Checkmarx/kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
projectdiscovery/dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
DefectDojo/django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.