Lior Ethan's repositories
awesome-devsecops
An authoritative list of awesome devsecops tools with the help from community experiments and contributions.
inject-sec-to-devops
Security tools that you can inject into devops
pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
Scanners-Box
A powerful hacker toolkit collected more than 10 categories of open source scanners from Github - 安全行业从业者自研开源扫描器合辑
Andromeda
Andromeda - Interactive Reverse Engineering Tool for Android Applications
API-Security
OWASP API Security Project
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
archerysec
Centralize Vulnerability Assessment and Management for DevSecOps Team
bane
Custom & better AppArmor profile generator for Docker containers.
chainoffools
A PoC for CVE-2020-0601
django-DefectDojo
DefectDojo is an open-source application vulnerability correlation and security orchestration tool.
docem
Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
Docker
Docker playground
docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
Docker-Security
Getting a handle on container security
DockerPwn.py
Python automation of Docker.sock abuse
Hacking-Security-Ebooks
Top 100 Hacking & Security E-Books (Free Download)
k8s-security
Kubernetes security notes and best practices
kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
kube-hunter
Hunt for security weaknesses in Kubernetes clusters
kubeaudit
kubeaudit helps you audit your Kubernetes clusters against common security controls
kubernetes-network-policy-recipes
Example recipes for Kubernetes Network Policies that you can just copy paste
shhgit
Find GitHub secrets in real time
truffleHog
Searches through git repositories for high entropy strings and secrets, digging deep into commit history
Wappalyzer
Cross-platform utility that uncovers the technologies used on websites.
ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
Z0FCourse_ReverseEngineering
Reverse engineering course by Z0F. Focuses on x64 Windows.