Fernando's repositories
Amass
In-depth Attack Surface Mapping and Asset Discovery
assessment-mindset
Security Mindmap that could be useful for the infosec community when doing pentest, bug bounty or red-team assessments.
awesome-bugbounty-tools
A curated list of various bug bounty tools
BurpBounty
Burp Bounty (Scan Check Builder in BApp Store) is a extension of Burp Suite that improve an active and passive scanner by yourself. This extension requires Burp Suite Pro.
CVE-2019-11708
Full exploit chain (CVE-2019-11708 & CVE-2019-9810) against Firefox on Windows 64-bit.
eslint-plugin-security
ESLint rules for Node Security
Firmware_Slap
Discovering vulnerabilities in firmware through concolic analysis and function clustering.
Linux-Privilege-Escalation
This cheatsheet is aimed at the OSCP aspirants to help them understand the various methods of Escalating Privilege on Linux based Machines and CTFs with examples.
MARA_Framework
MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.
Mobile-Security-Framework-MobSF
Mobile Security Framework is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing framework capable of performing static analysis, dynamic analysis, malware analysis and web API testing.
nodebestpractices
:white_check_mark: The largest Node.js best practices list (September 2019)
pentest-wiki
PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.
PENTESTING-BIBLE
This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .Learn Ethical Hacking and penetration testing .hundreds of ethical hacking & penetration testing & red team & cyber security & computer science resources.
prowler
Prowler is an Open Source security tool to perform cloud security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
randomrepo
Repo for random stuff
ScoutSuite
Multi-Cloud Security Auditing Tool
SUDO_KILLER
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
Toolies
Ad hoc collection of Red Teaming & Active Directory tooling.
validator.js
String validation
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合