zraphael's Stars
ipentest/knoxss-UG
Documentation for knoXSS tool by @brutelogic
tumilander/shadowdomain
This project consists of a tool aimed at automating the search and verification of subdomains on a target domain.
nvbn/thefuck
Magnificent app which corrects your previous console command.
rizemon/exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
tldrsec/awesome-secure-defaults
Awesome secure by default libraries to help you eliminate bug classes!
topotam/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
OWASP/DevSecOpsGuideline
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
apisec-university/free-API-security-test-action
APIsec|SCAN - Free API security testing using Github actions
zoph-io/aws-security-survival-kit
Bare minimum AWS Security Alerting and Configuration
aquasecurity/trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
dnSpy/dnSpy
.NET debugger and assembly editor
dagheyman/awesome-product-security
📚A curated list of product security resources.
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
The-Art-of-Hacking/h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
intrudir/BypassFuzzer
Fuzz 401/403/404 pages for bypasses
devploit/nomore403
Tool to bypass 403/40X response codes.
laluka/bypass-url-parser
bypass-url-parser
punk-security/dnsReaper
dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team!
vaib25vicky/awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
x90skysn3k/brutespray
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
justakazh/sicat
The useful exploit finder
neodyme-labs/github-secrets
This tool analyzes a given Github repository and searches for dangling or force-pushed commits containing potential secret or interesting information.
ByteSnipers/awesome-pentest-cheat-sheets
Collection of cheat sheets useful for pentesting
aquasecurity/cloudsploit
Cloud Security Posture Management (CSPM)
urbanadventurer/WhatWeb
Next generation web scanner
Saitle/BugBounty-2.0
Modern real world bug bounty payloads and exploitation techniques with may earn you some $$$.
dolevf/graphw00f
graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.
iamj0ker/bypass-403
A simple script just made for self use for bypassing 403
R3dy/capsulecorp-pentest
Vagrant VirtualBox environment for conducting an internal network penetration test
imthenachoman/How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server.