powned's repositories
k8s-hardening
Secure your Kubernetes cluster with the most good practices from CIS in a automated way using Ansible.
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
binwalk
Firmware Analysis Tool
brownie
A Python-based development and testing framework for smart contracts targeting the Ethereum Virtual Machine.
CrackMapExec
A swiss army knife for pentesting networks
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
EvilCrow-RF
Evil Crow RF device.
HardeningKitty
HardeningKitty - Checks and hardens your Windows configuration
Havoc
The Havoc Framework.
IoTSecurity101
A Curated list of IoT Security Resources
kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
kube-goat
A deliberately vulnerable Kubernetes cluster
ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
mimikatz
A little tool to play with Windows security
modelscan
Protection against Model Serialization Attacks
mutillidae
OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security training. This is an easy-to-use web hacking environment designed for labs, security enthusiasts, classrooms, CTF, and vulnerability assessment tool targets.
OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
picklescan
Security scanner detecting Python Pickle files performing suspicious actions
prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
Snaike-Kubeflow
Scanner and exploit tool for Kubeflow versions <=1.7.0
Snaike-MLflow
MLflow red team toolsuite
social-engineer-toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
theHarvester
E-mails, subdomains and names Harvester - OSINT
WebGoat
WebGoat is a deliberately insecure application
windows_hardening
HardeningKitty and Windows Hardening settings and configurations
XSStrike
Most advanced XSS scanner.