Ashwin Goel's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
trufflehog
Find, verify, and analyze leaked credentials
dockerfiles
Various Dockerfiles I use on the desktop and on servers.
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
ScoutSuite
Multi-Cloud Security Auditing Tool
aws-well-architected-labs
Hands on labs and code to help you learn, measure, and build using architectural best practices.
bucket-stream
Find interesting Amazon S3 Buckets by watching certificate transparency logs.
cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
AWSBucketDump
Security Tool to Look For Interesting Files in S3 Buckets
secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
cka-practice-environment
A sample lab test environment to help in preparation of CKA certification.
awesome-serverless-security
A curated list of awesome serverless security resources such as (e)books, articles, whitepapers, blogs and research papers.
nimbostratus
Tools for fingerprinting and exploiting Amazon cloud infrastructures
DarkScrape
OSINT Tool For Scraping Dark Websites
datasploit
Utilizing various Open Source Intelligence (OSINT) tools and techniques that we have found to be effective, DataSploit brings them all into one place, correlates the raw data captured and gives the user, all the relevant information about the domain/email/ phone number/person, etc. It allows you to collect relevant information about a target which can expand your attack/defence surface very quickly. Sometimes it might even pluck the low hanging fruits for you without even touching the target and give you quick wins. More documentation here: http://datasploit.readthedocs.io/en/latest/.
techloop-ml-plus
Archives and Tasks for ML+ sessions
techloop-w-plus
Archives of webdev sessions
online-community-management
Developed a forum using Express JS, Node JS, Mongo Db wherein people can grow together by asking questions from the community and getting answers from the members. The forum is secured using an authentication system.