pop36

pop36's starred repositories

Vulnerable-OAuth-2.0-Applications

vulnerable OAuth 2.0 applications: understand the security implications of your OAuth 2.0 decisions.

Language: JavaScript, Stargazers: 304, Issues: 0

oauth-2.0-security-cheat-sheet

oauth security guidelines

Stargazers: 219, Issues: 0

chain-bench

An open-source tool for auditing your software supply chain stack for security compliance based on a new CIS Software Supply Chain benchmark.

Language: Go, License: Apache-2.0, Stargazers: 714, Issues: 0

amass

In-depth attack surface mapping and asset discovery

Language: Go, License: NOASSERTION, Stargazers: 11632, Issues: 0

subfinder

Fast passive subdomain enumeration tool.

Language: Go, License: MIT, Stargazers: 9778, Issues: 0

ssc-reading-list

A reading list for software supply-chain security.

Stargazers: 361, Issues: 0

aws_exposable_resources

Resource types that can be publicly exposed on AWS

Stargazers: 308, Issues: 0

bottlerocket

An operating system designed for hosting containers

Language: Rust, License: NOASSERTION, Stargazers: 8449, Issues: 0

container.training

Slides and code samples for training, tutorials, and workshops about Docker, containers, and Kubernetes.

Language: Shell, License: NOASSERTION, Stargazers: 3584, Issues: 0

stackrox

The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.

Language: Go, License: Apache-2.0, Stargazers: 1093, Issues: 0

Web3

This is where we dump all the web 3 information

Stargazers: 40, Issues: 0

Incident-Playbook

GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]

License: MIT, Stargazers: 1384, Issues: 0

DevSecOps-Playbook

This is a step-by-step guide to implementing a DevSecOps program for any size organization

License: GPL-3.0, Stargazers: 1859, Issues: 0

awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

Stargazers: 5235, Issues: 0

wrongsecrets

Vulnerable app with examples showing how to not use secrets

Language: Java, License: AGPL-3.0, Stargazers: 1186, Issues: 0

aws-customer-security-incidents

A repository of breaches of AWS customers

License: GPL-3.0, Stargazers: 675, Issues: 0

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Language: Python, License: BSD-3-Clause, Stargazers: 2841, Issues: 0

awesome-list-of-secrets-in-environment-variables

🦄🔒 Awesome list of secrets in environment variables 🖥️

Stargazers: 858, Issues: 0

mihari

A query aggregator for OSINT based threat hunting

Language: Ruby, License: MIT, Stargazers: 843, Issues: 0

cloud-security-remediation-guides

Security Remediation Guides

Stargazers: 693, Issues: 0

awesome-kubernetes-security

A curated list of awesome Kubernetes security resources

Stargazers: 892, Issues: 0

csp_security_mistakes

This repo has been replaced by https://www.cloudvulndb.org

Stargazers: 719, Issues: 0

GOAD

game of active directory

Language: PowerShell, License: GPL-3.0, Stargazers: 4805, Issues: 0

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language: PHP, License: MIT, Stargazers: 56101, Issues: 0

MicrosoftSentinel-ShodanMonitor

Ingesting Shodan Monitor Alerts to Microsoft Sentinel

License: MIT, Stargazers: 33, Issues: 0

SecureSoftwareSupplyChain

This repo is a consolidation of Secure Software Supply Chain resources, such as talks, whitepapers, conferences and more.

License: Apache-2.0, Stargazers: 136, Issues: 0

ssh-audit

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Language: Python, License: MIT, Stargazers: 3260, Issues: 0

API-s-for-OSINT

List of APIs for gathering information about phone numbers, addresses, domains, etc.

License: CC0-1.0, Stargazers: 1424, Issues: 0

Fast-Google-Dorks-Scan

An OSINT project whose main idea is to collect all possible Google dork search combinations and to find information about a specific website: common admin panels, widespread file types and path traversal. 100% automated.

Language: Shell, Stargazers: 1375, Issues: 0

Passhunt

Passhunt is a simple tool for searching for default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Language: Python, License: GPL-3.0, Stargazers: 1174, Issues: 0