nani1337

nani1337's Stars

• KissPeter/APIFuzzer

  Fuzz test your application using your OpenAPI or Swagger API definition without coding

  Language:Python43171

• jgamblin/CPEData

  NVD CPE Data

  Language:HTML4

• Hackmanit/Web-Cache-Vulnerability-Scanner

  Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hackmanit.de/).

  Language:Go880129

• arainho/awesome-api-security

  A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

  3.1k512

• BishopFox/iam-vulnerable

  Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

  Language:HCL48084

• TencentARC/GFPGAN

  GFPGAN aims at developing Practical Algorithms for Real-world Face Restoration.

  Language:Python35.9k6k

• microsoft/rest-api-fuzz-testing

  REST API Fuzz Testing (RAFT): Source code for self-hosted service developed for Azure, including the API, orchestration engine, and default set of security tools (including MSR's RESTler), that enables developers to embed security tooling into their CI/CD workflows

  Language:F#26241

• rotemreiss/uddup

  Urls de-duplication tool for better recon.

  Language:Python13621

• GrrrDog/weird_proxies

  Reverse proxies cheatsheet

  Language:Python1.8k206

• ajinabraham/aws_security_tools

  Scripts and tools for AWS Pentest

  Language:Python5118

• linkedin/qark

  Tool to look for several security related Android application vulnerabilities

  Language:Python3.2k644

• NickstaDB/DeserLab

  Java deserialization exploitation lab.

  Language:Java23748

• AloneMonkey/MonkeyDev

  CaptainHook Tweak、Logos Tweak and Command-line Tool、Patch iOS Apps, Without Jailbreak.

  Language:Objective-C6.6k1.2k

• michenriksen/aquatone

  A Tool for Domain Flyovers

  Language:Go5.7k880

• mitre/caldera

  Automated Adversary Emulation Platform

  Language:Python5.7k1.1k

• hook-s3c/CVE-2018-11776-Python-PoC

  Working Python test and PoC for CVE-2018-11776, includes Docker lab

  Language:Python12550

• yeyintminthuhtut/Awesome-Red-Teaming

  List of Awesome Red Teaming Resources

  6.9k1.7k

• redcanaryco/atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  Language:C9.8k2.8k

• jaredthecoder/awesome-vehicle-security

  🚗 A curated list of resources for learning about vehicle security and car hacking.

  3.2k609

• EdOverflow/can-i-take-over-xyz

  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

  Language:Python4.9k720

• x90skysn3k/brutespray

  Bruteforcing from various scanner output - Automatically attempts default creds on found services.

  Language:Go2k385

• projectdiscovery/subfinder

  Fast passive subdomain enumeration tool.

  Language:Go10.4k1.3k

• ajinabraham/nodejsscan

  nodejsscan is a static security code scanner for Node.js applications.

  Language:CSS2.4k327

• OWASP/NodeGoat

  The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.

  Language:HTML1.9k1.7k

• endgameinc/RTA

  Language:Python1.1k213

• Cryptogenic/Exploit-Writeups

  A collection where my current and future writeups for exploits/CTF will go

  748116

• DidierStevens/DidierStevensSuite

  Please no pull requests for this repository. Thanks!

  Language:Python2k532

• attekett/Surku

  Surku is a general-purpose mutation-based fuzzer.

  Language:JavaScript7916

• gwen001/pentest-tools

  A collection of custom security tools for quick needs.

  Language:Python3.2k792

• s4n7h0/awesome-incident-response

  A curated list of tools for incident response

  87