kingx48 Goto Github PK

prowler

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

public-apis

A collective list of free APIs

public-bugbounty-programs

Community curated list of public bug bounty and responsible disclosure programs.

pymalleablec2

Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.

pythondjangojs

qiling

Qiling Advanced Binary Emulation Framework

raasnet

Open-Source Ransomware As A Service for Linux, MacOS and Windows

radareeye

A tool made for specially scanning nearby devices[BLE, Bluetooth & Wifi] and execute our given command on our system when the target device comes in-between range.

rang

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

red-teaming-toolkit

A collection of open source and commercial tools that aid in red team operations.

red_team_tool_countermeasures

redhunt-os

Virtual Machine for Adversary Emulation and Threat Hunting

resources

Here is a list of best resources to get you started with learning how to code (mostly related to Web Development). Feel free to add your favorite resources as well and help others in their journey of learning.

resources-1

A curated list of different pentesting resources

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

reverse-engineering

A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.

sandbox-attacksurface-analysis-tools

Set of tools to analyze Windows sandboxes for exposed attack surface.

sansctisummit2021-xstart

Indicators of compromise, YARA rules, and Python scripts to supplement the SANS CTI Summit 2021 talk: "xStart when you're ready".

scalpel-2.0

Scalpel; File Carving. Configuration files are modified.

sec530-wiki

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

securityproject

securityshepherd

Web and mobile application security training platform

shellcodeloader

shellcodeloader

shosubgo

Small tool to Grab subdomains using Shodan api.

sift-saltstack

Salt States for Configuring the SIFT Workstation

software-testing--black-box--facebook.com

Black box testing using different tools for the Facebook website to find bugs and make test cases.

sqlmap

Automatic SQL injection and database takeover tool

sysmon-config

Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.