Pinned Repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
4CAN
AAPG
[A]ndroid [A]pplication [P]entest [G]uide
actuary
An actuary is a business professional who analyzes the financial consequences of risk.
agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
pentagramz's Repositories
pentagramz/agartha
a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.
pentagramz/alerting-detection-strategy-framework
A framework for developing alerting and detection strategies for incident response.
pentagramz/Awesome-web3-Security
A curated list of web3Security materials and resources For Pentesters and Bug Hunters.
pentagramz/AWSealion
A tool to keep AWS pentests efficient, organized, and stealthy.
pentagramz/azure-finder
Simple script to find all Azure-based assets given a domain list
pentagramz/burp-extensions
Burp Extensions
pentagramz/cloud-security-remediation-guides
Security Remediation Guides
pentagramz/container-security-checklist
Checklist for container security - devsecops practices
pentagramz/ghsec-jaeles-signatures
Signatures for jaeles scanner by @j3ssie
pentagramz/Havoc
The Havoc Framework
pentagramz/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
pentagramz/iOS
Most usable tools for iOS penetration testing
pentagramz/jaeles-custom-signatures
pentagramz/kiterunner
Contextual Content Discovery Tool
pentagramz/kubeeye
KubeEye aims to find various problems on Kubernetes, such as application misconfiguration, unhealthy cluster components and node problems.
pentagramz/KubeStalk
KubeStalk discovers Kubernetes and related infrastructure based attack surface from a black-box perspective.
pentagramz/mainframe-pentest
Mainframe Penetration Testing
pentagramz/medaudit
A tool for auditing medical devices and healthcare infrastructure
pentagramz/MindAPI
Organize your API security assessment by using MindAPI. It's free and open for community collaboration.
pentagramz/Mockingjay---Vulnerable-DLL-Finder
Mockingjay Process Injection Vulnerable DLL Finder
pentagramz/Mysignature
Jaeles SIgnature
pentagramz/Nuclei-Templates-Collection
Nuclei Templates Collection
pentagramz/nuvola
pentagramz/Oneliner
pentagramz/OneListForAll
Rockyou for web fuzzing
pentagramz/owasp-fstm
The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, hobbyists, and Information Security professionals with conducting firmware security assessments.
pentagramz/PurplePanda
Identify privilege escalation paths within and across different clouds
pentagramz/QuickXSS
Automating XSS using Bash
pentagramz/reFlutter
Flutter Reverse Engineering Framework
pentagramz/VulFi