randomactsofsecurity's Stars
djsime1/awesome-flipperzero
🐬 A collection of awesome resources for the Flipper Zero device.
cockpit-project/cockpit
Cockpit is a web-based graphical interface for servers.
Flipper-XFW/Xtreme-Firmware
The Dom amongst the Flipper Zero Firmware. Give your Flipper the power and freedom it is really craving. Let it show you its true form. Dont delay, switch to the one and only true Master today!
bridgecrewio/checkov
Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.
drk1wi/Modlishka
Modlishka. Reverse Proxy.
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
lyft/cartography
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
BishopFox/cloudfox
Automating situational awareness for cloud penetration tests.
threatexpress/domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
0xKayala/NucleiFuzzer
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
ZupIT/horusec
Horusec is an open source tool that improves identification of vulnerabilities in your project with just one command.
nikitastupin/clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
robbins23/daisyui-admin-dashboard-template
Free admin dashboard template using Daisy UI, React js and Tailwind CSS
0xdea/semgrep-rules
A collection of my Semgrep rules to facilitate vulnerability research.
idnahacks/GoodHound
Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
WithSecureLabs/android-keystore-audit
deepinstinct/Lsass-Shtinkering
JetP1ane/Callisto
Callisto - An Intelligent Binary Vulnerability Analysis Tool
MarkoH17/Spray365
Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
0xdea/ghidra-scripts
A collection of my Ghidra scripts to facilitate reverse engineering and vulnerability research.
cepxeo/dll4shell
Shellcode launcher for AV bypass
forcesunseen/graphquail
Burp Suite extension that offers a toolkit for testing GraphQL endpoints.
HernanRodriguez1/MimikatzFUD
DenizParlak/hayat
Hayat is a script for report and analyze Google Cloud Platform resources.
waffl3ss/NameSpi
An OSINT employee/username enumeration tool
marcin-kolda/gcp-iam-collector
Python script for collecting and visualising Google Cloud Platform IAM permissions
WhiteOakSecurity/Dynamic-DTD
A python Flask app that generates dynamic DTDs for easy out-of-band data exfiltration.
sijms/PowerBuilder-decompile
Python module that parse power builder file (PBD) and analyze code (Incomplete)
thansuoi113/Recovery-Datawindow-From-PBD
Recovery Datawindow From PBD
WhiteOakSecurity/SOCKSSettings
Burp Extension for more accessible SOCKS Proxy Settings