arukaminado

AttackSurfaceAnalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

awesome-shodan-queries

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

BLAKE2

BLAKE2 official implementations

BruteShark

Network Analysis Tool

CloudFail

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

detection-container

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, parsing, and creating malicious payloads and listeners with Metasploit.

dnscat2

espoofer

An email spoofing testing tool that aims to bypass SPF/DKIM/DMARC and forge DKIM signatures.🍻

gitrob

Reconnaissance tool for GitHub organizations

graphql-voyager

🛰️ Represent any GraphQL API as an interactive graph

Homework-of-C-Language

C/C++ code examples of my blog.

jekyll

:globe_with_meridians: Jekyll is a blog-aware static site generator in Ruby

netzob

Netzob: Protocol Reverse Engineering, Modeling and Fuzzing

ngrev

Tool for reverse engineering of Angular applications

nodejs-graphql-mysql-example

An example Express based app implementing a GraphQL API using MySQL as its datastore

octodns

Tools for managing DNS across multiple providers

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

param-miner

Penetration-Testing-Resources

Photon

Incredibly fast crawler designed for OSINT.

powertop

The Linux PowerTOP tool -- please post patches to the mailing list instead of using github pull requests

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

python-decompile3

Python decompiler for 3.7+. Stripped down from uncompyle6 so we can refactor and fix up some long-standing problems

retire.js

scanner detecting the use of JavaScript libraries with known vulnerabilities

Security-Research

Exploits written by the Rhino Security Labs team

sifter

*Frequently Updated. Sifter is a osint, recon & vulnerability scanner. It combines a plethara of tools within different module sets in order to quickly perform recon tasks, check network firewalling, enumerate remote and local hosts, and scan for the 'blue' vulnerabilities within microsft and if unpatched, exploit them. It uses tools like blackwidow and konan for webdir enumeration and attack surface mapping rapidly using ASM.

yasm

Yasm Assembler mainline development tree