Pinned Repositories
_docs
Ebook repository
aquatone
A Tool for Domain Flyovers
articles
awesome-awesomeness
A curated list of awesome awesomeness
awesome-honeypots
an awesome list of honeypot resources
awesome-incident-response
A curated list of tools for incident response
awesome-osint
:scream: A curated list of amazingly awesome OSINT
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
aws-security-survival-kit
Bare minimum AWS Security Alerting
axiom
A dynamic infrastructure toolkit for red teamers and bug bounty hunters!
thomashillman's Repositories
thomashillman/awesome-awesomeness
A curated list of awesome awesomeness
thomashillman/awesome-incident-response
A curated list of tools for incident response
thomashillman/awesome-osint
:scream: A curated list of amazingly awesome OSINT
thomashillman/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
thomashillman/aws-security-survival-kit
Bare minimum AWS Security Alerting
thomashillman/axiom
A dynamic infrastructure toolkit for red teamers and bug bounty hunters!
thomashillman/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
thomashillman/cli
Official Command Line Interface for the IPinfo API (IP geolocation and other types of IP data)
thomashillman/cybar-osint-ctf-2020
CYBAR OSINT CTF 2020
thomashillman/DECEPTICON_Bot
Python-based Disinformation and Deception bot for Twitter with OPSEC in mind.
thomashillman/DevOpsKit-docs
thomashillman/dmi-tcat
Digital Methods Initiative - Twitter Capture and Analysis Toolset
thomashillman/dnsx
dnsx is a fast and multi-purpose DNS toolkit allow to run multiple DNS queries of your choice with a list of user-supplied resolvers.
thomashillman/every-programmer-should-know
A collection of (mostly) technical things every software developer should know about
thomashillman/gpt-investor
thomashillman/gpt-prompt-engineer
thomashillman/jaeles
The Swiss Army knife for automated Web Application Testing
thomashillman/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
thomashillman/nuclei
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
thomashillman/persian-hugo
Persian is a Box design Personal blog template Based on Bootstrap and powered By Hugo.
thomashillman/PowerZure
PowerShell script to "interact" with Azure
thomashillman/Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
thomashillman/red_team_tool_countermeasures
thomashillman/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
thomashillman/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
thomashillman/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
thomashillman/truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
thomashillman/WebMap
A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
thomashillman/wordlists
Real-world infosec wordlists, updated regularly
thomashillman/youtube-dl
Command-line program to download videos from YouTube.com and other video sites