drwetter

followers

following

stars

Hamburg, Germany

https://testssl.sh

Dirk Wetter's starred repositories

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT58587 18120

MalwareSourceCode

Collection of malware source code for a variety of platforms in an array of different programming languages.

Language:Assembly15424 736 63

lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Language:ShellGPL-3.012836 349 835

GTFOBins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Language:HTMLGPL-3.010415 142 47

semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Language:OCamlLGPL-2.110118 104 2917

Probable-Wordlists

Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!

CC-BY-SA-4.08547 362 51

android-security-awesome

A collection of android security related resources

Language:ShellApache-2.07904 426 41

monkey

Infection Monkey - An open-source adversary emulation platform

Language:PythonGPL-3.06571 241 1518

traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Language:GoMIT6567 125 42

PoC-in-GitHub

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

ja3

JA3 is a standard for creating SSL client fingerprints in an easy to produce and shareable way.

Language:PythonBSD-3-Clause2629 98 52

c-jwt-cracker

JWT brute force cracker written in C

Language:CMIT2347 42 15

coreruleset

OWASP CRS (Official Repository)

Language:PythonApache-2.02098 53 2586

graudit

grep rough audit - source code auditing tool

Language:ShellGPL-3.01450 36 24

openvas-docker

A Docker container for Openvas

Language:DockerfileMIT755 46 126

Applied-Crypto-Hardening

Best Current Practices regarding secure online communication and configuration of services using cryptography.

Language:TeX704 87 176

debian-cis

PCI-DSS compliant Debian 10/11/12 hardening

Language:ShellNOASSERTION691 37 83

tls-observatory

An observatory for TLS configurations, X509 certificates, and more.

Language:GoMPL-2.0527 54 195

docker-onion-nmap

Scan .onion hidden services with nmap using Tor, proxychains and dnsmasq in a minimal alpine Docker container.

Language:Shell457 39 1

LinuxFlaw

This repo records all the vulnerabilities of linux software I have reproduced in my local workspace

Language:C398 360

nimue

Nimue is a simple Python script for jailbreaking Sony Bravia TVs.

Language:PythonGPL-3.0230 32 9

training-kubernetes-security

Language:Jupyter NotebookNOASSERTION174 7 2

striptls

proxy poc implementation of STARTTLS stripping attacks

Language:PythonCC0-1.0167 17 2

smtpsmug

Language:Python0BSD94 8 4

alpine-containertools

docker image with useful network and container tools and SSH

Language:Shell59 3 1

terraform-burp-collaborator

Terraform configuration to build a Burp Private Collaborator Server

Language:HCL25 4 3

german-owasp-day

German OWASP Day conference site & presentation archive

Language:HTML19 22 1

secpw

Secure random passwords in Javascript

Language:HTML0BSD13 30

msc_retest

A minimalistic tool to help measuring the runtime of regular expressions

Language:CApache-2.07 30

automate_tomcat

Shellscript to automate installation, update checks and updates of Tomcat

Language:ShellGPL-3.04 40