Pinned Repositories
AAPG
[A]ndroid [A]pplication [P]entest [G]uide
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
appsec-risk-assessment-guide
Contains documentation (guides, resources, links etc.) to accompany the formal application security risk assessment
blueprint-securesoftwarepipeline
For engineers and security teams driving fast and secure software supply chains
concourse-http-resource
A generic Concourse resource for hitting an HTTP URL based on a small alpine base image.
postenum
Postenum is a clean, nice and easy tool for basic/advanced privilege escalation techniques. Postenum tool is intended to be executed locally on a Linux box.
pedramjm's Repositories
pedramjm/blueprint-securesoftwarepipeline
For engineers and security teams driving fast and secure software supply chains
pedramjm/concourse-http-resource
A generic Concourse resource for hitting an HTTP URL based on a small alpine base image.
pedramjm/AAPG
[A]ndroid [A]pplication [P]entest [G]uide
pedramjm/appsec-risk-assessment-guide
Contains documentation (guides, resources, links etc.) to accompany the formal application security risk assessment
pedramjm/asra-domains
Application Security domains
pedramjm/auditd
Best Practice Auditd Configuration
pedramjm/codeexamples-android
Android examples from the vogella.com website
pedramjm/continuous-threat-modeling
A Continuous Threat Modeling methodology
pedramjm/dependencycheck-central-mysql-docker
Self-updating OWASP DependencyCheck Database Server :book:
pedramjm/driftctl
Detect, track and alert on infrastructure drift
pedramjm/Event-Forwarding-Guidance
Configuration guidance for implementing collection of security relevant Windows Event Log events by using Windows Event Forwarding. #nsacyber
pedramjm/falco
Cloud Native Runtime Security
pedramjm/Hello-World
My first repository on GitHub!
pedramjm/Infosec_Reference
An Information Security Reference That Doesn't Suck
pedramjm/inql
InQL - A Burp Extension for GraphQL Security Testing
pedramjm/kics
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.
pedramjm/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
pedramjm/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
pedramjm/nessus-dash
Flask based Cybersecurity Dashboard
pedramjm/nessus-database-export
Script to export Nessus results to a relational database for use in reports, analysis, or whatever else.
pedramjm/nessus-file-analyzer
GUI tool which enables you to parse nessus scan files from Nessus and Tenable.SC by (C) Tenable, Inc. and exports results to a Microsoft Excel Workbook for effortless analysis.
pedramjm/nessus-file-reader
CLI tool and python module which enables you to parse nessus scan files from Nessus and Tenable.SC by (C) Tenable, Inc.
pedramjm/scripts
Various scripts for penetration testing
pedramjm/sentinel-attack
Repository of sentinel alerts and hunting queries leveraging sysmon and the MITRE ATT&CK framework
pedramjm/steampipe
Use SQL to instantly query your cloud services (AWS, Azure, GCP and more). Open source CLI. No DB required.
pedramjm/testing
test repo
pedramjm/testyml
pedramjm/ThreatMapper
Identify vulnerabilities in running containers, images, hosts and repositories
pedramjm/trivy
A Simple and Comprehensive Vulnerability Scanner for Containers, Suitable for CI
pedramjm/web-methodology
Methodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki