The easiest way to access AWS.

Make your GenAI Apps Safe & Secure 🚀 Test & harden your system prompt

Master programming by recreating your favorite technologies from scratch.

An Obsidian vault to Github Pages workflow to hopefully make me take notes

The S2C2F Project is a group working within the OpenSSF's Supply Chain Integrity Working Group formed to further develop and continuously improve the S2C2F guide which outlines and defines how to s…

Small and highly portable detection tests based on MITRE's ATT&CK.

SQL powered operating system instrumentation, monitoring, and analytics.

Fetch all public IP addresses tied to your AWS account. Works with IPv4/IPv6, Classic/VPC networking, and across all AWS services

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

A utility to convert your AWS CLI credentials into AWS console access.

A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

Azure Data Exporter for BloodHound

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

Credential and Red Teaming Defense for Windows Environments

Canarytokens helps track activity and actions on your network.

SamuraiWTF package management tool and interface.

The main SamuraiWTF collaborative distro repo.

CdkGoat is Bridgecrew's "Vulnerable by Design" AWS CDK repository. CdkGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cl…

⚓️ Easily test HTTP webhooks with this handy tool that displays requests instantly.