19anand90

AllVideoPocsFromHackerOne

This script grab public report from hacker one and make some folders with poc videos

ApiWordlistGenerator

Generate wordlists for fuzzing API method names

attacking-and-auditing-docker-containers-and-kubernetes-clusters

Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters

awesome-cloud-native-security

awesome resources about cloud native security 🐿

Awesome-Cloud-PenTest

awesome-cloud-security

🛡️ Awesome Cloud Security Resources ⚔️

aws_exposable_resources

Resource types that can be publicly exposed on AWS

Azure-Red-Team

Azure Security Resources and Notes

breaking-and-pwning-apps-and-servers-aws-azure-training

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!

Cheatsheet-God

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Cloud-Security-Attacks

Azure and AWS Attacks

Combined-Wordlists

A combined wordlists for files and directory discovery

container-security-checklist

Checklist for container security - devsecops practices

Cyber-Security-Resources

cybersecurity-infosec

An ongoing collection infosec courses, learning tutorials, libaries, and training resources.

devops-directive-docker-course

Companion repo for complete Docker course

dirbuster-ng

dirbuster-ng is C CLI implementation of the Java dirbuster tool

https-github.com-yeahhub-Hacking-Security-Ebooks

kube-bench

Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark

kube-hunter

Hunt for security weaknesses in Kubernetes clusters

pwndb

Search for leaked credentials

race-the-web

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline.

RobotsDisallowed

A curated list of the most common and most interesting robots.txt disallowed directories.

sadcloud

A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

steampipe-mod-aws-compliance

Run individual controls or full compliance benchmarks for CIS, PCI, NIST, HIPAA and more across all of your AWS accounts using Steampipe.

steampipe-mod-azure-compliance

Run individual configuration, compliance and security controls or full compliance benchmarks for CIS, HIPAA HITRUST, NIST, and more across all of your Azure subscriptions using Steampipe.

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

test-infra

Test infrastructure for the Kubernetes project.

vulnerability-Checklist

This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter