hugobiller's repositories
Android-Reports-and-Resources
A big list of Android Hackerone disclosed reports and other resources.
assemblyline-base
Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)
brokencrystals
A Broken Application - Very Vulnerable!
container-security-checklist
Checklist for container security - devsecops practices
DevSecOps
Ultimate DevSecOps library
falco
Cloud Native Runtime Security
fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
ggshield
Detect secrets in source code, scan git repos, and use pre commit hooks to prevent API key leaks.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
kube-hunter
Hunt for security weaknesses in Kubernetes clusters
kubesec
Security risk analysis for Kubernetes resources
MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
Microsoft-Activation-Scripts
A Windows and Office activator using HWID / KMS38 / Online KMS activation methods, with a focus on open-source code and fewer antivirus detections.
objection
📱 objection - runtime mobile exploration
privado
Open Source Static Scanning tool to detect data flows in your code, find data security vulnerabilities & generate accurate Play Store Data Safety Report.
qark
Tool to look for several security related Android application vulnerabilities
rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with mi
repository-scanner
Tool to detect secrets in source code management systems.
scan4all
vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)...
security-champion-framework
The Security Champion Framework provides both a measuring stick and a roadmap generator for Champion Programs.
security-champions-playbook
Security Champions Playbook v 2.1
semgrep-rules
Semgrep rules registry
terrascan
Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure.
tfsec
Security scanner for your Terraform code
threat-dragon
An open source, online threat modeling tool from OWASP
Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
ysoserial.net
Deserialization payload generator for a variety of .NET formatters