Ferran Celades's starred repositories
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
firefly
Hyperledger FireFly is the first open source Supernode: a complete stack for enterprises to build and scale secure Web3 applications. The FireFly API for digital assets, data flows, and blockchain transactions makes it radically faster to build production-ready apps on popular chains and protocols.
blockscout
Blockchain explorer for Ethereum based network and a tool for inspecting and analyzing EVM based blockchains.
solidity-security-blog
Comprehensive list of known attack vectors and common anti-patterns
building-secure-contracts
Guidelines and training material to write secure smart contracts
CVE-2020-0041
Exploits for Android Binder bug CVE-2020-0041
rust-learning
A bunch of links to blog posts, articles, videos, etc for learning Rust
ethereumbook
Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood
CVE-2019-18634
A functional exploit for CVE-2019-18634, a BSS overflow in sudo's pwfeedback feature that allows for for privesc
learning-v8
Project for learning V8 internals
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
os-tutorial
How to create an OS from scratch
CVE-2019-13272
Linux 4.10 < 5.1.17 PTRACE_TRACEME local root
js-vuln-db
A collection of JavaScript engine CVEs with PoCs
rhme3-writeups
Writeups for the RHME3 Challenges
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
ctf-writeups
Perfect Blue's CTF Writeups
awesome-symbolic-execution
A curated list of awesome symbolic execution resources including essential research papers, lectures, videos, and tools.