und3rcl0ck3d's Stars
arvinddoraiswamy/LearnPython
A place to store all my progress on Python as I learn it better.
softrams/bulwark
An organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
semgrep/semgrep
Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.
DefectDojo/django-DefectDojo
DevSecOps, ASPM, Vulnerability Management. All on one platform.
0xInfection/Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
Coalfire-Research/Red-Baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
ztgrace/changeme
A default credential scanner.
ZephrFish/H5SC
HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors
ZephrFish/HeadlessBounties
A shell script that bundles Eyewitness and Sublist3r to create a great fingerprinting tool
ZephrFish/Pentest-Resources
ZephrFish/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
mubix/post-exploitation-wiki
Post Exploitation Wiki
byt3bl33d3r/pth-toolkit
Modified version of the passing-the-hash tool collection made to work straight out of the box
zseano/InputScanner
ZephrFish/AWS-Scanner
Scans a list of websites for Cloudfront or S3 Buckets
ZephrFish/XSSPayloads
Cross Site Scripting Payloads -- Variations
chennylmf/OWASP-Web-App-Pentesting-checklists
ethack/public-pentesting-reports
Curated list of public penetration testing reports released by several consulting firms
varchashva/vPrioritizer
vPrioritizer enables us to understand the contextualized risk (vPRisk) on asset-vulnerability relationship level across the organization, for teams to make more informed decision about what (vulnerability/ties) they should remediate (or can afford not to) and on which (asset/s)
aaaguirrep/offensive-docker
Offensive Docker is an image with the more used offensive tools to create an environment easily and quickly to launch assessment to the targets.
WebBreacher/osinttools
A collection of random OSINT scripts
santosomar/virtualseccons
An ongoing list of virtual cybersecurity conferences.
infoslack/awesome-web-hacking
A list of web application security
tjnull/TJ-JPT
This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used in Joplin
und3rcl0ck3d/Website-Launch-Checklist-for-Web-Designers
At FHOKE we’ve been through it all, from perfect launches to ones that have turned into complete nightmares! Through our experiences we’ve compiled a list, in no particular order, of a process we go through before we launch our sites. http://webdesign.tutsplus.com/articles/workflow/a-web-designers-site-launch-checklist-including-portable-formats/
und3rcl0ck3d/Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
und3rcl0ck3d/hugo-starter
Hugo Starter with Gulp Asset Pipeline, SVG Icons, partials for global components, metadata, and social.
und3rcl0ck3d/hugulp
Hugo + Gulp starter project
und3rcl0ck3d/OSCP-Cheatsheet-God
und3rcl0ck3d/pwk-oscp
Empower your enumeration during OSCP