KC's repositories
API-Security
OWASP API Security Project
awesome-checker-services
✅ List of links to the various checkers out there on the web for sites, domains, security etc.
BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
cis-benchmarks-audit
Simple command line tool to check for compliance against CIS Benchmarks
email2pdf
Script to convert emails to PDF from the command-line, as well as detach recognized attachments. Helps to process incoming emails and assist automatically with a non-paper paperwork workflow. Designed to work in tandem with getmail to convert forwarded emails to PDF automatically.
fm_transmitter
Raspberry Pi as FM transmitter
frida-ios-dump
pull decrypted ipa from jailbreak device
GitDorker
A Python program to scrape secrets from GitHub through usage of a large repository of dorks.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
IoT-Security-Verification-Standard-ISVS
OWASP IoT Security Verification Standard (ISVS)
JELVIS
Intelligent audio assistant like Iron Man Jarvis
keeweb
Free cross-platform password manager compatible with KeePass
linkedin-skill-assessments-quizzes
Full reference of LinkedIn answers 2022 for skill assessments (aws-lambda, rest-api, javascript, react, git, html, jquery, mongodb, java, Go, python, machine-learning, power-point) linkedin excel test lösungen, linkedin machine learning test LinkedIn test questions and answers
log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
metasploit-framework
Metasploit Framework
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
naxsi
NAXSI is an open-source, high performance, low rules maintenance WAF for NGINX
objection
📱 objection - runtime mobile exploration
passbolt_docker
Get started with Passbolt CE using docker!
Penetration-Testing
List of awesome penetration testing resources, tools and other shiny things
phoneinfoga
Information gathering & OSINT framework for phone numbers
prometheus
The Prometheus monitoring system and time series database.
qark
Tool to look for several security related Android application vulnerabilities
sadcloud
A tool for standing up (and tearing down!) purposefully insecure cloud infrastructure
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
sqlmap
Automatic SQL injection and database takeover tool
xerosploit
Efficient and advanced man in the middle framework
zap-api-java
OWASP ZAP Java API
zaproxy
The OWASP ZAP core project