Stars
A repository of breaches of AWS customers
A plugin for Burp Suite Pro that uses the GraphQL schema to begin Active Scanning the entire endpoint.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
Template-Driven AV/EDR Evasion Framework
The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
Collection of scripts, thoughts about CSP (Content Security Policy)
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
A fast, simple, recursive content discovery tool written in Rust.
A tool designed to traverse phishing URL paths to search for phishing kit source code.
Advisories, proof of concept files and exploits that have been made public by @pedrib.
Monitor Kubernetes Clusters for authorisation tokens being passed in clear-text.
A command line tool to automatically generate seccomp profiles.
🐿 Kira's micro-bot to update project dependencies
Deprecated: Use https://github.com/dependabot/example-cli-usage/ instead.
CrowdSec - the open-source and participative security solution offering crowdsourced protection against malicious IPs and access to the most advanced real-world CTI.
OWASP Benchmark is a test suite designed to verify the speed and accuracy of software vulnerability detection tools. A fully runnable web app written in Java, it supports analysis by Static (SAST),…
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
A PowerShell module to deploy active directory decoy objects.
A tool for exploring each layer in a docker image