Lukmanern

akto

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

img-payloads

scilla

Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration

Notes

eJPT-Exam

eJPTv2-Notes

Penetration Testing Student version 2 simple condensed NOTES for quick recap

EJPTv2-Notes

Notes created for preparation of EJPTv2

nipejs

Simplify your life with leak detection in JavaScript. NipeJS streamlines the use of regex, making it effortless to uncover potential leaks.

jsfinder

Fetches JavaScript files quickly and comprehensively.

SecretFinder

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

ScoutSuite

Multi-Cloud Security Auditing Tool

cloudlist

Cloudlist is a tool for listing Assets from multiple Cloud Providers.

cloud-security-audit

A command line security audit tool for Amazon Web Services

clouditor

The Clouditor is a tool to support continuous cloud assurance. Developed by Fraunhofer AISEC.

aws-enumerator

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud review in case the security researcher compromised AWS Account Credentials.

yatas

:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration

awstaghelper

AWS bulk tagging tool

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

LoggerPlusPlus-API-Filters

A Collection of Logger++ Filters for Hunting API Vulnerabilities

payloads

Tiny-XSS-Payloads

A collection of tiny XSS Payloads that can be used in different contexts. https://tinyxss.terjanq.me

HackTheBoxWriteups

Writeups for the machines on ethical hacking site Hack the Box

RustRedOps

🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust

bug-bounty-testing-essential-guideline-startup-bug-hunters

Bug Bounty Testing Essential Guideline : Startup Bug Hunters

awesome-secure-defaults

Awesome secure by default libraries to help you eliminate bug classes!

CyberKits

Perlengkapan Cyber Dalam Melakukan Pentest Dan Pertahanan

cve_hub

Leaked-Credentials

how to look for Leaked Credentials !

quickpress

Small tool to automate SSRF wordpress and XMLRPC finder