curiousseclady

curiousseclady's starred repositories

Photon

Incredibly fast crawler designed for OSINT.

Language:PythonGPL-3.010943 323 105

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

Language:CMIT9612 350 267

Mindmap

This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

6862 216 12

wafw00f

WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.

Language:PythonBSD-3-Clause5194 140 98

apkleaks

Scanning APK file for URIs, endpoints & secrets.

Language:PythonApache-2.04874 79 58

afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

Language:GoMIT3388 52 111

CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

MIT2550 103 1

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.

Language:CMIT2251 23 15

awesome-exploit-development

A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development

MIT1880 107 1

TeamsPhisher

Send phishing messages and attachments to Microsoft Teams users

Language:Python1028 10 27

InternalAllTheThings

Active Directory and Internal Pentest Cheatsheets

Language:HTML897 100

AWS-IAM-Privilege-Escalation

A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.

BSD-3-Clause892 33 1

GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

Language:PowerShellMIT859 18 11

nowafpls

Burp Plugin to Bypass WAFs through the insertion of Junk Data

Language:Python846 9 6

secator

secator - the pentester's swiss knife

Language:PythonNOASSERTION811 11 267

BChecks

BChecks collection for Burp Suite Professional and Burp Suite Enterprise Edition

LGPL-3.0616 23 72

graphw00f

graphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint.

Language:PythonBSD-3-Clause550 7 16

ThievingFox

Language:PythonMIT476 90

horus

An OSINT / digital forensics tool built in Python

Language:PythonGPL-3.0318 8 9

terraform-iam-policy-validator

A command line tool that validates AWS IAM Policies in a Terraform template against AWS IAM best practices

Language:PythonMIT-0296 5 11

GCP-Pentest-Checklist

213 70

www-project-ai-security-and-privacy-guide

OWASP Foundation Web Respository

Language:HTML199 31 13

RedTeam

This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.

140 5 1