kingx48's repositories
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
API-SecurityEmpire
API Security Projecto aims to present unique attack & defense methods in API Security field
AutomatedLab
AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2019, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
aws-security-reference-architecture-examples
Example solutions demonstrating how to implement patterns within the AWS Security Reference Architecture guide using CloudFormation and Customizations for AWS Control Tower.
AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
bbrf-server
The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices
Bugbounty-Checklist
Tips and Tutorials for Bug Bounty and also Penetration Tests.
cloud-security-remediation-guides
Security Remediation Guides
cve
Gather and update all available and newest CVEs with their POC.
ddosify
High-performance load testing tool, written in Golang.
deepdarkCTI
Collection of Cyber Threat Intelligence sources from the deep and dark web
EvilSelenium
EvilSelenium is a tool that weaponizes Selenium to attack Chrome.
FBI-tools
Tools for gathering information and actions forensic
goop
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
gotestwaf
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
jaeles
The Swiss Army knife for automated Web Application Testing
karma_v2
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
metasploit-framework
Metasploit Framework
msdorkdump
Google Dork File Finder
nmap-nse-vulnerability-scripts
NMAP Vulnerability Scanning Scripts
Nuclei-BurpExtension
Simple extension that allows to run nuclei scanner directly from burp and transforms json results into the issues.
opencti
Open Cyber Threat Intelligence Platform
prowler
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
public-apis
A collective list of free APIs
qiling
Qiling Advanced Binary Emulation Framework
resources-1
A curated list of different pentesting resources
Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
shosubgo
Small tool to Grab subdomains using Shodan api.
sqlmap
Automatic SQL injection and database takeover tool
sysmon-config
Advanced Sysmon ATT&CK configuration focusing on Detecting the Most Techniques per Data source in MITRE ATT&CK, Provide Visibility into Forensic Artifact Events for UEBA, Detect Exploitation events with wide CVE Coverage, and Risk Scoring of CVE, UEBA, Forensic, and MITRE ATT&CK Events.