Pinned Repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
AD-Pentesting
ADLab
Active Directory Lab for Penetration Testing
Altoro-Mutual---demo.testfire.net
WARNING: This app contains security vulnerabilities. AltoroJ is a sample banking J2EE web application. It shows what happens when web applications are written with consideration of app functionality but not app security. It's a simple and uncluttered platform for demonstrating and learning more about real-life application security issues.
Android-InsecureBankv2
Vulnerable Android application for developers and security enthusiasts to learn about Android insecurities
android-security-awesome
A collection of android security related resources
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
archerysec
Centralize Vulnerability Assessment and Management for DevSecOps Team
awesome-aws-security
Cybersecurity notes, links, references etc.
santhoshinty's Repositories
santhoshinty/android-security-awesome
A collection of android security related resources
santhoshinty/APIKit
APIKit:Discovery, Scan and Audit APIs Toolkit All In One.
santhoshinty/Auto-GPT
An experimental open-source attempt to make GPT-4 fully autonomous.
santhoshinty/awesome-appsec
A curated list of resources for learning about application security
santhoshinty/awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
santhoshinty/awesome-vulnerable-apps
Awesome Vulnerable Applications
santhoshinty/blackduck-docker-inspector
santhoshinty/BloodHound
Six Degrees of Domain Admin
santhoshinty/checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.
santhoshinty/clair-scanner
Docker containers vulnerability scan
santhoshinty/commix
Automated All-in-One OS Command Injection Exploitation Tool.
santhoshinty/Corsy
CORS Misconfiguration Scanner
santhoshinty/crlfuzz
A fast tool to scan CRLF vulnerability written in Go
santhoshinty/CyberChef
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
santhoshinty/DevSecOps
Ultimate DevSecOps library
santhoshinty/dirsearch
Web path scanner
santhoshinty/gha-devsecops
DevSecOps Pipeline using SAST + DAST and SCA tools
santhoshinty/gotestwaf
An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses
santhoshinty/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
santhoshinty/Jupyter-Threat
santhoshinty/k8sthreatmodeling
Threat Modeling (based on STRIDE approach) for Kubernetes systems.
santhoshinty/mariana-trench
Our security focused static analysis tool for Android and Java applications.
santhoshinty/Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
santhoshinty/pentest-book
santhoshinty/POC
santhoshinty/RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
santhoshinty/tech-interview-handbook
💯 Curated coding interview preparation materials for busy software engineers
santhoshinty/threat-model-cookbook
This project is about creating and publishing threat model examples.
santhoshinty/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.
santhoshinty/XMGoat