ygilani-ps's Stars
center-for-threat-informed-defense/adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
mitre-attack/attack-datasources
This content is analysis and research of the data sources currently listed in ATT&CK.
mitre-attack/attack-scripts
Scripts and a (future) library to improve users' interactions with the ATT&CK content
olafhartong/ATTACKdatamap
A datasource assessment on an event level to show potential coverage or the MITRE ATT&CK framework
mitre/caldera
Automated Adversary Emulation Platform
aquasecurity/starboard
Moved to https://github.com/aquasecurity/trivy-operator
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
OWASP/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
OWASP/security-culture
OWASP Security Culture repository
OWASP/raider
OWASP Raider: a novel framework for manipulating the HTTP processes of persistent sessions
OWASP/apicheck
OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
mike-goodwin/owasp-threat-dragon-desktop
An installable desktop variant of OWASP Threat Dragon
OWASP/threat-dragon
An open source threat modeling tool from OWASP
owasp-amass/amass
In-depth attack surface mapping and asset discovery
OWASP/www-project-mobile-top-10
GoogleContainerTools/distroless
🥑 Language focused docker images, minus the operating system.
veracode-research/rogue-jndi
A malicious LDAP server for JNDI injection attacks
BishopFox/badPods
A collection of manifests that will create pods with elevated privileges.
carlospolop/Auto_Wordlists
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
maddev-engenuity/AdversaryEmulation
MAD ATT&CK Defender: ATT&CK Adversary Emulation Repository
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
carlospolop/PurplePanda
Identify privilege escalation paths within and across different clouds
doitintl/secure-gcp-reference
Best practice example for secure and compliant Google Cloud Platform infrastructure
orcasecurity/orca-toolbox