vonderchild's Stars
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
OWASP/Go-SCP
Golang Secure Coding Practices guide
jassics/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
aquasecurity/tracee
Linux Runtime Security and Forensics using eBPF
cider-security-research/cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
parsiya/Hacking-with-Go
Golang for Security Professionals
wireghoul/graudit
grep rough audit - source code auditing tool
ashutosh1206/Crypton
Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Key Exchange, Authentication methods along with example challenges from CTFs
Cyber-Guy1/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
OWASP/wrongsecrets
Vulnerable app with examples showing how to not use secrets
bsauce/kernel-exploit-factory
Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.
cyberark/kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
OWASP/threat-dragon
An open source threat modeling tool from OWASP
jvdsn/crypto-attacks
Python implementations of cryptographic attacks and utilities.
DERE-ad2001/Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
appsecco/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
google/paranoid_crypto
Paranoid's library contains implementations of checks for well known weaknesses on cryptographic artifacts.
oauthinaction/oauth-in-action-code
Source code for OAuth 2 in Action
appvia/krane
Kubernetes RBAC static analysis & visualisation tool
hideckies/exploit-notes
Sticky notes for pentesting, bug bounty, CTF.
wisec/domxsswiki
Automatically exported from code.google.com/p/domxsswiki
awslabs/aws-cloudsaga
AWS CloudSaga - Simulate security events in AWS
google/dfiq
DFIQ is a collection of investigative questions and the approaches for answering them
pwang00/Cryptographic-Attacks
Repository containing implementation of attacks on modern public key cryptosystems and symmetric key ciphers.
cn-panda/logbackRceDemo
The project is a simple vulnerability Demo environment written by SpringBoot. Here, I deliberately wrote a vulnerability environment where there are arbitrary file uploads, and then use the `scan` attribute in the loghack configuration file to cooperate with the logback vulnerability to implement RCE.
rkm0959/Cryptography_Writeups
Cryptography & CTF Writeups
danielsagi/kube-dnsspoof
A POC for DNS spoofing in kubernetes clusters. Runs with minimum capabilities, on default installations of kuberentes.
ymgve/ctf-writeups
various CTF writeups
cranelab/exploit-development
esoteric
marcelo140/length-extension
Trying out Length Extension Attack on SHA-256