payloadartist's Stars
Ciphey/Ciphey
⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
foundry-rs/foundry
Foundry is a blazing fast, portable and modular toolkit for Ethereum application development written in Rust.
SunWeb3Sec/DeFiHackLabs
Reproduce DeFi hacked incidents using Foundry.
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
microsoft/SynapseML
Simple and Distributed Machine Learning
TheRook/subbrute
A DNS meta-query spider that enumerates DNS records, and subdomains.
teler-sh/teler
Real-time HTTP Intrusion Detection
yume-chan/ya-webadb
ADB in your browser
DataDog/stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
krol3/container-security-checklist
Checklist for container security - devsecops practices
blockthreat/blocksec-ctfs
A curated list of blockchain security Capture the Flag (CTF) competitions
dafthack/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
bridgecrewio/terragoat
TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.
AlephNullSK/dnsgen
Generates combination of domain names from the provided input.
nu11secur1ty/Windows10Exploits
Microsoft » Windows 10 : Security Vulnerabilities
gakonst/solidity-book
The Senior Solidity Engineer's Book is a resource meant to transform you into a Senior Solidity Engineer.
ShiftLeftSecurity/sast-scan
Scan is a free & Open Source DevSecOps tool for performing static analysis based security testing of your applications and its dependencies. CI and Git friendly.
grimm-co/NotQuite0DayFriday
This is a repo which documents real bugs in real software to illustrate trends, learn how to prevent or find them more quickly.
cloudfuzz/android-kernel-exploitation
Android Kernel Exploitation
wallarm/api-firewall
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
DockerSecurityPlayground/DSP
A Microservices-based framework for the study of Network Security and Penetration Test techniques
Vinum-Security/kubernetes-security-checklist
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
cure53/Contracts
A small collection of potentially useful contract templates
IvanGlinkin/AutoSUID
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
pdelteil/BugBountyReportTemplates
List of reporting templates I have used since I started doing BBH.
PwnFunction/Next.js-Flat-Prototype-Pollution
Prototype Pollution using `flat` with Next.js
hakluke/hakfindinternaldomains
Feed it a list of subdomains, it will resolve them and tell you which ones are internal
abdulsamijay/Defi-Hack-Analysis-POC
A curated list of major DeFi hacks along with their POCs in foundry
BushidoUK/Abused-Legitimate-Services
Cloud, CDN, and marketing services leveraged by cybercriminals and APT groups