Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit …

A scanner parser template generator for DefectDojo

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

WebGoat is a deliberately insecure application

A utility to (re-)import findings and language data into DefectDojo

A command-line tool to get valuable information out of AWS CloudTrail

In-depth attack surface mapping and asset discovery

A next-generation crawling and spidering framework.

Find, verify, and analyze leaked credentials

CLI tool to perform cost analysis on your AWS account with Slack integration

Sample scan files for testing DefectDojo imports

The leading native Python SSHv2 protocol library.

Automatically generate commit messages using ChatGPT

Example projects using the AWS CDK

Interactive debugger for Dockerfile, with support for IDEs (VS Code, Emacs, Neovim, etc.)

Evaluate source control (GitHub) security posture

Assisted Log Enabler for AWS - Find AWS resources that are not logging, and turn them on.

Open Source Vulnerability Management Platform

(aka Kotlin Goat) - an intentionally vulnerable Kotlin application

Integrates Dependency-Check reports into SonarQube

One-click WordPress plugin that converts all posts, pages, taxonomies, metadata, and settings to Markdown and YAML which can be dropped into Jekyll (or Hugo or any other Markdown and YAML based sit…

Hugo is static site generator written in golang. Wordpress is a tool for remote access to your server ;-) ❗️Contributions welcome!

Capture website screenshots

A modular SQL linter and auto-formatter with support for multiple dialects and templated code.

Attack Surface Management Platform

Reads from existing public and private cloud providers (reverse Terraform) and generates your infrastructure as code on Terraform configuration

Raspberry Pi thats scans codes for analysis. Sonarqube is a tool that helps refatorate and checks for vulnerabilities in codes.