Api Security Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Setup Ipsec Vpn
Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
Liberating Web Analytics. Star us on Github? +1. Matomo is the leading open alternative to Google Analytics that gives you full control over your data. Matomo lets you easily collect data from websites & apps and visualise this data and extract insights. Privacy is built-in. We love Pull Requests!
Hierarchical Role-Based Access Control for Node.js
Security event correlation engine for ELK stack
Keyfinder🔑 is a tool that lets you find keys while surfing the web!
Enumerate information from NTLM authentication enabled web endpoints 🔎
An example Java Relying Party implementation of the WebAuthn specification
RSPET (Reverse Shell and Post Exploitation Tool) is a Python-based reverse shell equipped with functionalities that assist in a post-exploitation scenario.
Dashboard to collect, analyze, and respond to reported phishing emails.
Clear all your logs in [linux/windows] servers 🛡️
Open source backup solution for your network
A set of tools to work with the feeds (vulnerabilities, CPE dictionary etc.) distributed by National Vulnerability Database (NVD)
List of sites with two factor auth support which includes SMS, email, phone calls, hardware, and software.
Physmem2profit can be used to create a minidump of a target host's LSASS process by analysing physical memory remotely
A honey token manager and alert system for AWS.
Raptor - WAF - Web application firewall using DFA [ Current version ] - Beta
Eloquent roles and abilities.
schedule and materials about my presentations
💂 Simple, declarative, role-based access control system for Rails and Ruby
😈Scripts or demo projects on iOS development or reverse engineering
Security Testing is not as simple as right click > Scan. It's messy, a tough game. What if you missed testing just that one thing and had to regret it later? Sh00t is a highly customizable, intelligent platform that understands the life of bug hunters and emphasizes manual security testing.
Web framework that allows performing periodic syncs of data sources and performing analysis on the identified results
The OSINT Omnibus (beta release)
🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
SafetyNet Helper wraps the Google Play Services SafetyNet.API and verifies Safety Net API response with the Android Device Verification API.
This repo has been migrated to https://github.com/github/security-lab/tree/master/SecurityExploits
API Fuzzer which allows fuzzing of request attributes using common pentesting techniques and lists vulnerabilities
⛄️ Get the User:Password from Chrome (including version < 80 and version > 80)
** README ** This repo has MOVED to https://github.com/quadrantsec/sagan
🗣️ A book and repo to get you started programming voice computing applications in Python (10 chapters and 200+ scripts).
Repository for BLESS, an SSH Certificate Authority that runs as an AWS Lambda function
sso, aka S.S.Octopus, aka octoboi, is a single sign-on solution for securing internal services
Puppet Os Hardening
This puppet module provides numerous security-related configurations, providing all-round base protection.
A cross-platform browser fuzzing framework
Android Pin Bruteforce
Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
Spring Security Pac4j
pac4j security library for Spring Security: OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...
mirror of gera's insecure programming examples | http://community.coresecurity.com/~gera/InsecureProgramming/
Ansible role for Red Hat 7 STIG Baseline
✨ Awesome - A curated list of amazing Homomorphic Encryption libraries, software and resources
ChopChop is a CLI to help developers scan endpoints and identify exposure of sensitive services/files/folders.
🔏 Pure Browser To Browser Chat (STUN & ICE Servers optional)
DEPRECATED, bettercap development moved here: https://github.com/bettercap/bettercap
You don't have the time to watch all the WWDC session videos yourself? No problem, many contributors and I extracted the gist for you 🥳
A blazing-fast security auditing tool for Kubernetes
KicomAV is an open source (GPL v2) antivirus engine designed for detecting malware and disinfecting it.