Soufian El Yadmani's repositories
FOSAD22
Slides and code for FOSAD22 short course on Algorand smart contracts
APISandbox
Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.
awesome-censys-queries
A collection of fascinating and bizarre Censys Search Queries
googerteller
audible feedback on just how much your browsing feeds into google
secret-regex-list
List of regex for scraping secret API keys and juicy information.
misp-warninglists
Warning lists to inform users of MISP about potential false-positives or other information in indicators
DC30_Workshop
DEFCON 30 Mainframe buffer overlow workshop container
RITA-J
Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
MassMap
Combined port scanning w/ Masscan's speed & Nmap's scanning features.
JPGtoMalware
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional.The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganography methods. However, since the payload in the JPG file is encrypted, it cannot be easily decrypted. It also uses the "garbage code insertion/dead-code insertion" method to prevent the payload from being caught by the antivirus at runtime.
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
OffensivePascal
Pascal Offsec repo for malware dev and red teaming 🚩
malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Malware Bazaar, ThreatFox, Triage and it is able to scan Android devices against VT and HA.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Smart-Contract-Audits
Smart Contract security audit reports
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
awesome-incident-response
A curated list of tools for incident response
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
SoCo
SoCo (Sonos Controller) is a Python project that allows you to programmatically control Sonos speakers.
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
knowledge-sharing
Hands-on content for Humla/Puliya sessions at null community
OSCE-Complete-Guide
OSWE, OSEP, OSED