Lior Ethan's repositories
Awesome-Asset-Discovery
List of Awesome Asset Discovery Resources
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
OSINT-Framework
OSINT Framework
AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
AVIator
Antivirus evasion project
awesome-container-security
Awesome list of resources related to container security
Awesome-WAF
🔥 Everything awesome about web-application firewalls (WAF).
bettercap-1
The Swiss Army knife for 802.11, BLE and Ethernet networks reconnaissance and MITM attacks.
bootcamp
A open contribute bootcamp to develop DevSecOps skills...
commando-vm
Complete Mandiant Offensive VM (Commando VM), the first full Windows-based penetration testing virtual machine distribution. The security community recognizes Kali Linux as the go-to penetration testing platform for those that prefer Linux. Commando VM is for penetration testers that prefer Windows. We know that building a Windows penetration testing environment can be tedious - we aim to streamline and simplify this process. Commando VM includes over 140 tools.
CVE-2019-0709
dump
cve-2019-1003000-jenkins-rce-poc
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
OpenDoor
OWASP WEB Directory Scanner
Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
routersploit
Exploitation Framework for Embedded Devices
sandmap
Nmap on steroids! Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
scripts-5
Some useful scripts I have written or collected
Shr3dKit
Red Team Tool Kit
termshark
A terminal UI for tshark, inspired by Wireshark
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
Veil
Veil 3.1.X (Check version info in Veil at runtime)
vuln-web-apps
A curated list of vulnerable web applications.
vulscan
Advanced vulnerability scanning with Nmap NSE
WPSeku
WPSeku - Wordpress Security Scanner
XSRFProbe
The Prime Cross Site Request Forgery Audit and Exploitation Toolkit.
ysoserial.net
Deserialization payload generator for a variety of .NET formatters