lichnak

ASVS

Application Security Verification Standard

bandit

Bandit is a tool designed to find common security issues in Python code.

book

Computer Networks: A Systems Approach -- Textbook

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

cloud-custodian-demo

Cloud Custodian example policies that remediate security issues, enforce tagging, and control costs

context-switch

Comparison of Rust async and Linux thread context switch time.

DotnetSpider

DotnetSpider, a .NET standard web crawling library. It is lightweight, efficient and fast high-level web crawling & scraping framework

ebpfsnitch

Linux Application Level Firewall based on eBPF and NFQUEUE.

facebook-rockin-best-automation-selenium-scrape-no-api-tool-bot-machine-made-to-destroy-facebook

Facebook automation: login, like, share, comment, post, delete. Video "in action" is included. The purpose is primarily to destroy the Fakebook platform by filling it with trashy content (or to commit a virtual suicide in there, when you decided to leave all these fcking platforms, for instance). Please install, test and commit your own improvements and features! Thank you!

fake_contacts

Create fake phone contacts, to do data-poisoning.

foss-policy-template

Plain text version of the OSADL Open Source Policy Template: The Basis for License Compliance

gitlab-ci-validate-jwt

Validate a GitLab CI JWT using the keys available at its jwks endpoint

IPRadar2

Real-time detection and defense against malicious network activity and policy violations (exploits, port-scanners, advertising, telemetry, state surveillance, etc.)

Lazymux

termux tool installer

Metasploit_termux

MindAPI

Organize your API security assessment by using MindAPI. It's free and open for community collaboration.

opa

An open source, general-purpose policy engine.

OSCP

Our OSCP repo: from popping shells to mental health.

pkr

Extensive template engine for docker

python-deserialization-attack-payload-generator

Peas create serialized payload for deserialization RCE attack on python driven applications where pickle ,pyYAML, ruamel.yaml or jsonpickle module is used for deserialization of serialized data. I will update it with more attack vectors to targets other modules.

radar

CNCF Tech Radar

scorecard

Security Scorecards - Security health metrics for Open Source

shell-operator

Shell-operator is a tool for running event-driven scripts in a Kubernetes cluster

SocialBox-Termux

SocialBox is a Bruteforce Attack Framework [ Facebook , Gmail , Instagram ,Twitter ] , Coded By Belahsan Ouerghi Edit By init__0 for termux on android

static-analysis

A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

Termux-Kali

Install Kali Linux on Android using Termux!

tpm2-pkcs11

A PKCS#11 interface for TPM2 hardware

traitor

Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins :arrow_up: :skull_and_crossbones:

wstg

The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

zaproxy-website

The source of OWASP ZAP website