Pedro Araujo's repositories
infosec-resources
A list of helpful cybersecurity / infosec resources
OSINT-Brazuca
Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.
Telefonica-CTF
Workshop focado em ensinar o caminho das pedras e os "pulos do gato".
bfac
BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code.
bugBountyTemplates
List of reporting templates I have used since I started doing BBH.
credentialLeakDB
A database for storing, querying and doing stats on credential leaks
DeepPass
Hunting for passwords with deep learning
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
eyeballer
Convolutional neural network for analyzing pentest screenshots
JNDI-Exploit-Kit
JNDI-Exploitation-Kit(A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps vulnerable to JNDI Injection)
KingOfBugBountyTips
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..
kiterunner
Contextual Content Discovery Tool
malicious-pdf
💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh
MidJourney-Styles-and-Keywords-Reference
A reference containing Styles and Keywords that you can use with MidJourney AI. There are also pages showing resolution comparison, image weights, and much more!
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
pastebin-scraper
Live-scraping pastebin to fight boredom.
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
Profil3r
OSINT tool that allows you to find a person's accounts and emails + breached emails 🕵️
sd-enable-textual-inversion
Copy these files to your stable-diffusion to enable text-inversion
the-nuclei-templates
Nuclei templates written by us.
TrashSearch
Searching the TrashPanda OSINT bot API to check if your email/domain or password was leaked or not