pentest framework

The OWASP SecureTea Project provides a one-stop security solution for various devices (personal computers / servers / IoT devices)

Automation to assess the state of your M365 tenant against CISA's baselines

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

Investigate malicious Windows logon by visualizing and analyzing Windows event log

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…

Collection of offensive tools targeting Microsoft Azure

ALL IN ONE Hacking Tool For Hackers

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Let's find someone's account

DongTai is an interactive application security testing(IAST) product that supports the detection of OWASP WEB TOP 10 vulnerabilities, multi-request related vulnerabilities (including logic vulnerab…

Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, Th…

SourceGPT - prompt manager and source code analyzer built on top of ChatGPT as the oracle

Infoga - Email OSINT

Tool to look for several security related Android application vulnerabilities

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

PenTest - Penetration Testing Tools Downloader

Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to by…

A small and efficent script to send SMS all over the world anonymously

wsvuls - website vulnerability scanner detect issues [ outdated server software and insecure HTTP headers.]

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (D…

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://gapps.darkbanner.com

Fast and configurable TLS grabber focused on TLS based data collection.

Resources for improving Customer Experience with Azure Network Security