sbehrens's Stars
CoatiSoftware/Sourcetrail
Sourcetrail - free and open-source interactive source explorer
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
n1nj4sec/pupy
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
build-trust/ockam
Orchestrate end-to-end encryption, cryptographic identities, mutual authentication, and authorization policies between distributed applications – at massive scale.
bluscreenofjeff/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
its-a-feature/Mythic
A collaborative, multi-platform, red teaming framework
GrrrDog/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
giuliacassara/awesome-social-engineering
A curated list of awesome social engineering resources.
ajinabraham/nodejsscan
nodejsscan is a static security code scanner for Node.js applications.
approximatelabs/sketch
AI code-writing assistant that understands data content
greshake/llm-security
New ways of breaking app-integrated LLMs
doyensec/inql
InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.
hysnsec/awesome-threat-modelling
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
SecurityRiskAdvisors/VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios
disclose/diodb
Open-source vulnerability disclosure and bug bounty program database
doyensec/regexploit
Find regular expressions which are vulnerable to ReDoS (Regular Expression Denial of Service)
vysecurity/DomainFrontingLists
A list of Domain Frontable Domains by CDN
prompt-security/ps-fuzz
Make your GenAI Apps Safe & Secure :rocket: Test & harden your system prompt
nevalla/lens-resource-map-extension
Lens - The Kubernetes IDE extension that displays Kubernetes resources and their relations as a force graph.
JupiterOne/starbase
Graph-based security analysis for everyone
devoteam-cybertrust/burpcollaborator-docker
This repository includes a set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate. The objective is to simplify as much as possible the process of setting up and maintaining the server.
projectdiscovery/pd-actions
Continuous recon and vulnerability assessment using Github Actions.
mandatoryprogrammer/tarnish
A Chrome extension static analysis tool to help aide in security reviews.
armenak/DataDefender
Sensitive Data Management: Data Discovery and Anonymization toolkit
GoogleChrome/CertificateTransparency
MythicAgents/poseidon
Poseidon is a Golang agent targeting Linux and macOS
mbechler/serjs
A Java serializer in JavaScript
dmaasland/mcfridafee
Veridax/privapi
Detect Sensitive REST API communication using Deep Neural Networks