Security Panda's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
opensnitch
OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
DependencyCheck
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Awesome-WAF
🔥 Web-application firewalls (WAFs) from security standpoint.
TinyCheck
TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs). In order to make it working, you need a computer with a Debian-like operating system and two Wi-Fi interfaces. The best choice is to use a Raspberry Pi (2+) a Wi-Fi dongle and a small touch screen. This tiny configuration (for less than $50) allows you to tap any Wi-Fi device, anywhere.
awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
nmapAutomator
A script that you can run in the background!
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Hacking-with-Go
Golang for Security Professionals
dockerscan
Docker security analysis & hacking tools
awesome-python-talks
:clapper: :mortar_board: An opinionated list of awesome videos related to Python, with a focus on training and gaining hands-on experience.
domxsswiki
Automatically exported from code.google.com/p/domxsswiki
phishing-frenzy-templates
Phishing Scenarios Used for Phishing Frenzy
which-cloud
given an ip address, return which cloud provider it belongs to (AWS, GCE, etc)
dependency-check-py
:closed_lock_with_key: Shim to easily install OWASP dependency-check-cli into Python projects
HandyHeaderHacker
Examine HTTP response headers for common security issues
cloud-metadata-services
List of metadata service endpoints for different cloud providers for your pentesting needs.