fthomasella Goto Github PK

nodebestpractices

:white_check_mark: The largest Node.js best practices list (September 2019)

nozzlr

Nozzlr is a bruteforce framework, trully modular and script-friendly

oscp-2

Collection of things made during my OSCP journey

path-auditor

payloadsallthethings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

pentest-book

pentest-tools

pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

pentesting-bible

This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.

pfff

Tools for code analysis, visualizations, or style-preserving source transformation.

php

iniciando estudos em php

phpggc

PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.

prowler

Prowler is an Open Source security tool to perform cloud security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

python-pty-shells

Python PTY backdoors - full PTY or nothing!

randomrepo

Repo for random stuff

scoutsuite

Multi-Cloud Security Auditing Tool

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

secure_headers

Manages application of security headers with many safe defaults

smbmap

SMBMap is a handy SMB enumeration tool

sn1per

Automated pentest framework for offensive security experts

sparta

Network Infrastructure Penetration Testing Tool

sshuttle

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sublazerwlst

Bundle of wordlists for brute-forcing subdomains (World + RUSSIA based).

sudo_killer

A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo

tensorflow

Computation using data flow graphs for scalable machine learning

toolies

Ad hoc collection of Red Teaming & Active Directory tooling.

ultrarelay

poison and relay NTLM credentials

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

validator.js

String validation

webshell

Webshell && Backdoor Collection