antonini

blog.endrigoantonini.com.br

http://blog.endrigoantonini.com.br

dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

90DaysOfCyberSecurity

This repository contains a 90-day cybersecurity study plan, along with resources and materials for learning various cybersecurity concepts and technologies. The plan is organized into daily tasks, covering topics such as Network+, Security+, Linux, Python, Traffic Analysis, Git, ELK, AWS, Azure, and Hacking. The repository also includes a `LEARN.md

urlcrazy

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

idiv-dividend-analysis

Análise das empresas do Índice de Dividendos da B3 (IDIV), estimativa do retorno aos acionistas, cálculo do DY nos últimos anos e preço-teto por ação.

pyasn

Python IP address to Autonomous System Number lookup module. (Supports fast local lookups, and historical lookups using archived BGP dumps.)

exploits-1

Exploits project Hacking Command Center

SimpleEmailSpoofer

A simple Python CLI to spoof emails.

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

cloudsplaining

Cloudsplaining is an AWS IAM Security Assessment tool that identifies violations of least privilege and generates a risk-prioritized report.

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

leonidas

Automated Attack Simulation in the Cloud, complete with detection use cases.

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

DeTTECT

Detect Tactics, Techniques & Combat Threats

caldera

Automated Adversary Emulation

fleet

A flexible control server for osquery fleets

pix-dict-quickstart

Quickstart da API do DICT

pix-dict-api

API do DICT - Diretório de Identificadores de Contas Transacionais

Aaia

AWS Identity and Access Management Visualizer and Anomaly Finder

certbot-hooks

Certbot (Let's Encrypt Project) Hooks

certbot

Certbot, previously the Let's Encrypt Client, is EFF's tool to obtain certs from Let's Encrypt, and (optionally) auto-enable HTTPS on your server. It can also act as a client for any other CA that uses the ACME protocol.

bucket-stream

Find interesting Amazon S3 Buckets by watching certificate transparency logs.

Hash-Buster

Crack hashes in seconds.

cloudflare-ip-security-group-update

Lambda function to retrieve Cloudflare's IP address list and update the specified security group

cf-worker-aws-fetch

ScoutSuite

Multi-Cloud Security Auditing Tool

huskyCI

Performing security tests inside your CI

awesome-shodan-queries

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

git-secrets

Prevents you from committing secrets and credentials into git repositories

pandas

Flexible and powerful data analysis / manipulation library for Python, providing labeled data structures similar to R data.frame objects, statistical functions, and much more