Breach.twA service that can track data breaches like "Have I Been Pwned", but it is specific for Taiwan.
Stars: ✭ 144 (-62.01%)
aquatoneA Tool for Domain Flyovers
Stars: ✭ 43 (-88.65%)
TIWAPTotally Insecure Web Application Project (TIWAP)
Stars: ✭ 137 (-63.85%)
PentestingMisc. Public Reports of Penetration Testing and Security Audits.
Stars: ✭ 24 (-93.67%)
KurukshetraKurukshetra - A framework for teaching secure coding by means of interactive problem solving.
Stars: ✭ 131 (-65.44%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-94.2%)
toolkitThe essential toolkit for reversing, malware analysis, and cracking
Stars: ✭ 176 (-53.56%)
BootsyDesigned to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.
Stars: ✭ 33 (-91.29%)
Jsonpjsonp is a Burp Extension which attempts to reveal JSONP functionality behind JSON endpoints. This could help reveal cross-site script inclusion vulnerabilities or aid in bypassing content security policies.
Stars: ✭ 131 (-65.44%)
championscurriculumA training curriculum for teaching information security "champions" within small organisations and helping them conduct a basic assessment. (Work in progress)
Stars: ✭ 18 (-95.25%)
diwaA Deliberately Insecure Web Application
Stars: ✭ 32 (-91.56%)
PastebinMarkdownXSSXSS in pastebin.com and reddit.com via unsanitized markdown output
Stars: ✭ 84 (-77.84%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-66.49%)
hibpwnedPython API wrapper for haveibeenpwned.com (API v3)
Stars: ✭ 21 (-94.46%)
restincodeA memorial site for Hackers and Infosec people who have passed
Stars: ✭ 62 (-83.64%)
VindicateToolLLMNR/NBNS/mDNS Spoofing Detection Toolkit
Stars: ✭ 40 (-89.45%)
Spaces FinderA tool to hunt for publicly accessible DigitalOcean Spaces
Stars: ✭ 122 (-67.81%)
goverviewgoverview - Get an overview of the list of URLs
Stars: ✭ 93 (-75.46%)
Zxhookdetection【iOS应用安全、安全攻防】hook及越狱的基本防护与检测(动态库注入检测、hook检测与防护、越狱检测、签名校验、IDA反编译分析加密协议Demo);【数据传输安全】浅谈http、https与数据加密
Stars: ✭ 241 (-36.41%)
GoaltdnsA permutation generation tool written in golang
Stars: ✭ 119 (-68.6%)
SpamscopeFast Advanced Spam Analysis Tool
Stars: ✭ 223 (-41.16%)
tutorialsAdditional Resources For Securing The Stack Tutorials
Stars: ✭ 36 (-90.5%)
Mitmap📡 A python program to create a fake AP and sniff data.
Stars: ✭ 1,526 (+302.64%)
PowerzurePowerShell framework to assess Azure security
Stars: ✭ 450 (+18.73%)
Web MethodologyMethodology for high-quality web application security testing - https://github.com/tprynn/web-methodology/wiki
Stars: ✭ 142 (-62.53%)
VirtualsecconsAn ongoing list of virtual cybersecurity conferences.
Stars: ✭ 113 (-70.18%)
XvwaXVWA is intentionally designed with many security flaws and enough technical ground to upskill application security knowledge. This whole idea is to evangelize web application security issues. Do let us know your suggestions for improvement or any more vulnerability you would like to see in XVWA future releases.
Stars: ✭ 1,540 (+306.33%)
qvm-create-windows-qubeSpin up new Windows qubes quickly, effortlessly and securely on Qubes OS
Stars: ✭ 267 (-29.55%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-70.18%)
NetsetOperational Security utility and automator.
Stars: ✭ 110 (-70.98%)
ContentSecurity automation content in SCAP, OSCAL, Bash, Ansible, and other formats
Stars: ✭ 1,219 (+221.64%)
rawsec-cybersecurity-inventoryAn inventory of tools and resources about CyberSecurity that aims to help people to find everything related to CyberSecurity.
Stars: ✭ 153 (-59.63%)
Androl4bA Virtual Machine For Assessing Android applications, Reverse Engineering and Malware Analysis
Stars: ✭ 908 (+139.58%)
Hacker ContainerContainer with all the list of useful tools/commands while hacking and pentesting Kubernetes Clusters
Stars: ✭ 105 (-72.3%)
JanusecJanusec Application Gateway, Provides Fast and Secure Application Delivery. JANUSEC应用网关,提供快速、安全的应用交付。
Stars: ✭ 771 (+103.43%)
introspectorA schema and set of tools for using SQL to query cloud infrastructure.
Stars: ✭ 61 (-83.91%)
SubtakeAutomatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.
Stars: ✭ 104 (-72.56%)
JackhammerJackhammer - One Security vulnerability assessment/management tool to solve all the security team problems.
Stars: ✭ 633 (+67.02%)
pyetiPython bindings for Yeti's API
Stars: ✭ 15 (-96.04%)
Juice ShopOWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Stars: ✭ 6,270 (+1554.35%)
RoutersploitExploitation Framework for Embedded Devices
Stars: ✭ 9,866 (+2503.17%)
Awesome Nginx Security🔥 A curated list of awesome links related to application security related to the environments with NGINX or Kubernetes Ingres Controller (based on NGINX)
Stars: ✭ 417 (+10.03%)
DcRatA simple remote tool in C#.
Stars: ✭ 709 (+87.07%)
AutorizeAutomatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automatic authorization tests
Stars: ✭ 406 (+7.12%)
GorshA Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface
Stars: ✭ 97 (-74.41%)
WatchdogWatchdog - A Comprehensive Security Scanning and a Vulnerability Management Tool.
Stars: ✭ 345 (-8.97%)
Gf SecretsSecret and/ credential patterns used for gf.
Stars: ✭ 96 (-74.67%)
reconmapVulnerability assessment and penetration testing automation and reporting platform for teams.
Stars: ✭ 242 (-36.15%)
giggerGit folder digger, I'm sure it's worthwhile stuff.
Stars: ✭ 39 (-89.71%)
massurlA simple tool that aims to efficiently and quickly parse the outputs of web scraping tools like gau
Stars: ✭ 14 (-96.31%)
adalancheActive Directory ACL Visualizer and Explorer - who's really Domain Admin?
Stars: ✭ 862 (+127.44%)
pentest-reportsCollection of penetration test reports and pentest report templates. Published by the the best security companies in the world.
Stars: ✭ 111 (-70.71%)
Awesome Shodan Queries🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
Stars: ✭ 2,758 (+627.7%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+16.89%)