nevermoe

nevermoe's starred repositories

CheatSheetSeries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

Language:PythonCC-BY-SA-4.027308 568 439

git-secrets

Prevents you from committing secrets and credentials into git repositories

Language:ShellApache-2.012202 196 137

BloodHound

Six Degrees of Domain Admin

Language:PowerShellGPL-3.09643 378 509

beef

The Browser Exploitation Framework Project

Language:JavaScript9622 441 2145

checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Language:PythonApache-2.06799 60 1773

steampipe

Zero-ETL, infinite possibilities. Live query APIs, code & more with SQL. No DB required.

Language:GoAGPL-3.06742 43 2112

git-credential-manager

Secure, cross-platform Git credential storage with authentication to GitHub, Azure Repos, and other popular Git hosting services.

Language:C#NOASSERTION6482 235 674

cloud-custodian

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Language:PythonApache-2.05324 165 4094

palera1n

Jailbreak for A8 through A11, T2 devices, on iOS/iPadOS/tvOS 15.0, bridgeOS 5.0 and higher.

Language:CMIT4764 172 198

hayabusa

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

Language:RustGPL-3.02111 39 612

reFlutter

Flutter Reverse Engineering Framework

Language:PythonGPL-3.01613 27 97

aws-config-rules

[Node, Python, Java] Repository of sample Custom Rules for AWS Config.

Language:PythonCC0-1.01585 122 159

frida-interception-and-unpinning

Frida scripts to directly MitM all HTTPS traffic from a target mobile application

Language:JavaScriptAGPL-3.0966 21 90

regula

Regula checks infrastructure as code templates (Terraform, CloudFormation, k8s manifests) for AWS, Azure, Google Cloud, and Kubernetes security and compliance using Open Policy Agent/Rego

Language:Open Policy AgentApache-2.0948 30 116

frida-il2cpp-bridge

A Frida module to dump, trace or hijack any Il2Cpp application at runtime, without needing the global-metadata.dat file.

Language:TypeScriptMIT937 19 240

Untitled Goose Tool is a robust and flexible hunt and incident response tool that adds novel authentication and data gathering methods in order to run a full investigation against a customer’s Azure Active Directory (AzureAD), Azure, and M365 environments.

Language:PythonCC0-1.0902 17 42

trivy-action

Runs Trivy as GitHub action to scan your Docker container image for vulnerabilities

Language:ShellApache-2.0743 11 213

aws-azure-login

Use Azure AD SSO to log into the AWS via CLI.

Language:TypeScriptMIT590 22 181

EnableWindowsLogSettings

Documentation and scripts to properly enable Windows event logs.

Language:BatchfileGPL-3.0512 11 6

aws-securityhub-multiaccount-scripts

This script automates the process of running the Security Hub multi-account workflow across a group of accounts that are in your control

Language:PythonMIT-0269 14 34

iam-identity-center-team

Open-source temporary elevated access solution for AWS IAM Identity Center.

Language:JavaScriptMIT-0266 10 158

jit-access

Just-In-Time Access is a self-service web application that lets you manage just-in-time privileged access to Google Cloud projects. JIT Access runs on App Engine and Cloud Run.

Language:JavaApache-2.0236 22 87