i-sylar

awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

cybersecurity-career-path

Cybersecurity Career Path

DevSecOps

🔱 Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.

twint

An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

android-SSL-unpinning

Bypassing android application SSL-pinning

awesome-devsecops-1

Curating the best DevSecOps resources and tooling.

awesome-security

A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.

aws-recon

Multi-threaded AWS inventory collection tool with a focus on security-relevant resources and metadata.

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

community-templates

Zabbix Community Templates repository

cook

An overpower wordlist generator, splitter, merger, finder, permutator, encoder, decoder.. Frustration killer. Customizable. The Wordlist Framework.

DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

django-DefectDojo

DefectDojo is a DevSecOps and vulnerability management tool.

dumps

Gf-Patterns

GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep

github-dorks

Find leaked secrets via github search

go-dork

The fastest dork scanner written in Go.

kube_security_lab

kubernetes-goat

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

log4j-shell-poc

A Proof-Of-Concept for the CVE-2021-44228 vulnerability.

Resources-for-Beginner-Bug-Bounty-Hunters

A list of resources for those interested in getting started in bug bounties

ScoutSuite

Multi-Cloud Security Auditing Tool

secDevLabs

A laboratory for learning secure web and mobile development in a practical manner.

security-study-plan

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

skf-labs

Repo for all the OWASP-SKF Docker lab examples

Sublist3r

Fast subdomains enumeration tool for penetration testers

vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios in the means of Exercises.

www-project-kubernetes-top-ten

OWASP Foundation Web Respository

xssmap