Lukman Ernandi's starred repositories
eJPTv2-Notes
Penetration Testing Student version 2 simple condensed NOTES for quick recap
EJPTv2-Notes
Notes created for preparation of EJPTv2
SecretFinder
SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
ScoutSuite
Multi-Cloud Security Auditing Tool
cloud-security-audit
A command line security audit tool for Amazon Web Services
aws-enumerator
The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.
awstaghelper
AWS bulk tagging tool
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
LoggerPlusPlus-API-Filters
A Collection of Logger++ Filters for Hunting API Vulnerabilities
Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me
HackTheBoxWriteups
Writeups for the machines on ethical hacking site Hack the Box
RustRedOps
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
bug-bounty-testing-essential-guideline-startup-bug-hunters
Bug Bounty Testing Essential Guideline : Startup Bug Hunters
awesome-secure-defaults
Awesome secure by default libraries to help you eliminate bug classes!
Leaked-Credentials
how to look for Leaked Credentials !
quickpress
Small tool to automate SSRF wordpress and XMLRPC finder