f00bar's starred repositories
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
wycheproof
Project Wycheproof tests crypto libraries against known attacks.
AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
CVE-2021-4034
CVE-2021-4034 1day
DongTai
Dongtai IAST is an open-source Interactive Application Security Testing (IAST) tool that enables real-time detection of common vulnerabilities in Java applications and third-party components through passive instrumentation. It is particularly suitable for use in the testing phase of the development pipeline.
Bug-Bounty-Wordlists
A repository that includes all the important wordlists used while bug hunting.
Invisi-Shell
Hide your Powershell script in plain sight. Bypass all Powershell security features
CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec (CVE-2021-4034)
404StarLink-Project
Focus on promoting the evolution of tools in different aspects of security research.专注于推动安全研究各个领域工具化.(项目收录逐步迁移至 https://github.com/knownsec/404StarLink)
osint-tools
OSINT open-source tools catalog
can-i-take-over-dns
"Can I take over DNS?" — a list of DNS providers and how to claim (sub)domains via missing hosted zones
EvilSelenium
EvilSelenium is a tool that weaponizes Selenium to attack Chromium based browsers.
WSL-Handbook
Guía definitiva para Windows Subsystem for Linux
osint-suite-tools
Repositorio del conjunto de herramientas para hacer OSINT y SOCMINT con Dante's Gates Minimal Version.
Phirautee
A proof of concept crypto virus to spread user awareness about attacks and implications of ransomwares. Phirautee is written purely using PowerShell and does not require any third-party libraries. This tool steals the information, holds an organisation’s data to hostage for payments or permanently encrypts/deletes the organisation data.
portable-data-exfiltration
This repo contains all the injections mentioned in my talk and enumerators.
AD-AutomationLab
Herramienta en PowerShell ideal para desplegar tu propio entorno AD vulnerable de forma automatizada.
CVE-2020-5902-Scanner
Automated script for F5 BIG-IP scanner (CVE-2020-5902) using hosts retrieved from Shodan API.