Open Sec's repositories
Open-SecTraining
Scripts usados en los entrenamientos de Open-Sec - Publicos y modificados o creados por el Core Team de Open-Sec.
BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that allows you, in a quick and simple way, to improve the active and passive scanner by means of personalized rules through a very intuitive graphical interface.
burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
capa
The FLARE team's open-source tool to identify capabilities in executable files.
cicd-goat
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.
conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
degoogle
search Google and extract results directly. skip all the click-through links and other sketchiness
gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
iKy
OSINT Project
Invoke-PSObfuscation
An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
jaeles
The Swiss Army knife for automated Web Application Testing
Mythic
A collaborative, multi-platform, red teaming framework
NotSoCereal-Lab
NotSoCereal: A Deserialization exploit playground
ntlm_theft
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Publico
Repositorio Público
TradecraftDevelopment-Fundamentals
Tradecraft Development Fundamentals