talk2noob's repositories
advanced_aws_security_infrastructure
Sample CloudFormation templates and code for advanced AWS security.
attacking-and-auditing-docker-containers-and-kubernetes-clusters
Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters
aws-serverless-security-workshop
In this workshop, you will learn techniques to secure a serverless application built with AWS Lambda, Amazon API Gateway and RDS Aurora. We will cover AWS services and features you can leverage to improve the security of a serverless applications in 5 domains: identity & access management, code, data, infrastructure, logging & monitoring.
breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
container_training-1
Container Security and Serverless Training
CVE-2019-12409
Apache Solr RCE (ENABLE_REMOTE_JMX_OPTS="true")
distributed-jwt-cracker
An experimental distributed JWT token cracker built using Node.js and ZeroMQ
DotNetInject
Code samples of .NET shellcode injections, weaponized for use via WebDav and mshta.exe.
jwt_demo
A Demo App for JWT Implementation
jwtcat
A CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
My-Shodan-Scripts
Collection of Scripts for shodan searching stuff.
orchestron-community
Orchestron is an Application Vulnerability Management and Correlation Tool.Orchestron helps you solve one key problem "Find and fix vulnerabilities early in the lifecycle"
pentest-guide
Penetration tests guide based on OWASP including test cases, resources and examples.
pentest-tools
Custom pentesting tools
personal-security-checklist
đź”’ A curated checklist of 300+ tips for protecting digital security and privacy in 2020
practical-python
Practical Python Programming (course by @dabeaz)
Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
Serverless-Workshop
Serverless Workshop
solr-injection
Apache Solr Injection Research
sweetie-data
This repo contains logstash of various honeypots
SwiftnessX
A cross-platform note-taking & target-tracking app for penetration testers.
ThreatPlaybook
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
Vulnerable-Flask-App
Intentionally Vulnerable Flask app for use in Demos
wasec
Examples of security features (or mishaps) on web applications -- these are mostly examples and tutorials from the WASEC book.
YetAnotherSMSBomber
Clean, small and powerful SMS bomber script.