Iskandar Rafik's starred repositories
personal-security-checklist
đź”’ A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
prowler
Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
log4jscanner
A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.
CrossLinked
LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping
log4j-affected-db
A community sourced list of log4j-affected software
UltimateWDACBypassList
A centralized resource for previously documented WDAC bypass techniques
iam-vulnerable
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
graphql-cop
Security Auditor Utility for GraphQL APIs
log4j-sniffer
A tool that scans archives to check for vulnerable log4j versions
RussiaDNSLeak
Summary and archives of leaked Russian TLD DNS data
terraform-goof
A demo repo showcasing Snyk's IAC offering for terraform