RoiSec's repositories
archerysec
Centralize Vulnerability Assessment and Management for DevSecOps Team
aws-amplify-auth-starters
Starter projects for developers looking to build web & mobile applications that have Authentication & protected routing
aws-cognito-spa-demo
Integrating Amazon Cognito With Single Page Application (Vue.js).
byp4xx
Pyhton script for HTTP 40X responses bypassing. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials and fuzzing.
CVE-2021-44228-Scanner
Vulnerability scanner and mitigation patch for Log4j2 CVE-2021-44228
dev-landing-page
Minimal landing page for developers
gitleaks-action
run gitleaks in a gitleaks action
hackingthe.cloud
An encyclopedia for offensive and defensive security knowledge in cloud native technologies.
HolyTips
A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.
israeli-bank-scrapers
Provide scrapers for all major Israeli banks and credit card companies
microservices-demo
Sample cloud-first application with 10 microservices showcasing Kubernetes, Istio, and gRPC.
moneyman
Automatically save transactions from all major Israeli banks and credit card companies, using GitHub actions (or a self hosted docker image)
OSCP
OSCP Cheat Sheet
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
plex_debrid
Plex torrent streaming through Debrid Services
rengine
reNgine
spring-rce-vulnerable-app
Spring Boot web application vulnerable to Log4Shell (CVE-2021-44228) and the possible Spring RCE vulnerability.
ssrf_filter
A ruby gem for defending against Server Side Request Forgery (SSRF) attacks
stratus-red-team
:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud
TGBot
Google Apps Script library for working with the Telegram API.
ThreatMapper
🔥 🔥 Open source cloud native security observability platform. Linux, K8s, AWS Fargate and more. 🔥 🔥
vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
wafefficacy
Measures the effectiveness of your Web Application Firewall (WAF)