motazreda's Stars
JuxhinDB/OOB-Server
A Bind9 server for pentesters to use for Out-of-Band vulnerabilities
manticoresoftware/manticoresearch
Easy to use open source fast database for search | Good alternative to Elasticsearch now | Drop-in replacement for E in the ELK soon
narfindustries/http-garden
Differential fuzzing REPL for HTTP implementations.
localstack/localstack
💻 A fully functional local AWS cloud stack. Develop and test your cloud & Serverless apps offline
ageron/handson-ml2
A series of Jupyter notebooks that walk you through the fundamentals of Machine Learning and Deep Learning in Python using Scikit-Learn, Keras and TensorFlow 2.
EdOverflow/bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
Orange-Cyberdefense/GOAD
game of active directory
VSCodeVim/Vim
:star: Vim for Visual Studio Code
horizon3ai/CVE-2022-39952
POC for CVE-2022-39952
attakercyebr/240GB-cookie
KingOfBugbounty/DockerHunt
KingOfBugbounty/shoscan-cli
Shodanscan is a bash scripting search queries using the shodan cli. 🔥
KingOfBugbounty/KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
Wh04m1001/DFSCoerce
ion-storm/sysmon-edr
Sysmon EDR POC Build within Powershell to prove ability.
ghsec/BurpBountyProfile
BurpSiute - BurpBounty Profiles
alufers/mitmproxy2swagger
Automagically reverse-engineer REST APIs via capturing traffic
Impact-I/reFlutter
Flutter Reverse Engineering Framework
hakluke/hakoriginfinder
Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
marcel-dempers/docker-development-youtube-series
MuhammadKhizerJaved/Insecure-Firebase-Exploit
A simple Python Exploit to Write Data to Insecure/vulnerable firebase databases! Commonly found inside Mobile Apps. If the owner of the app have set the security rules as true for both "read" & "write" an attacker can probably dump database and write his own data to firebase db.
assetnote/commonspeak2-wordlists
Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.
TestingPens/SPartan
SPartan is a Frontpage and Sharepoint eviscerator, great for mutilating Sharepoint sites.
freehuntx/frida-mono-api
All the mono c exports, ready to be used in frida!
0xInfection/Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
BishopFox/GitGot
Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
sorokinpf/ApiWordlistGenerator
Generate wordlists for fuzzing API method names
find-sec-bugs/find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also work with Kotlin, Groovy and Scala projects)