Giters
Iskandar Rafik (w32)

w32

Geek Repo

11

followers

15

following

191

stars

Github PK Tool:Github PK Tool

Iskandar Rafik's starred repositories

personal-security-checklist

đź”’ A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

Language:TypeScriptLicense:NOASSERTIONStargazers:16427Issues:213Issues:80

katana

A next-generation crawling and spidering framework.

Language:GoLicense:MITStargazers:10543Issues:89Issues:275

prowler

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more

Language:PythonLicense:Apache-2.0Stargazers:10351Issues:125Issues:864

fq

jq for binary formats - tool, language and decoders for working with binary and text formats

Language:GoLicense:NOASSERTIONStargazers:9644Issues:49Issues:72

semgrep

Lightweight static analysis for many languages. Find bug variants with patterns that look like source code.

Language:OCamlLicense:LGPL-2.1Stargazers:8966Issues:91Issues:2725

falco

Cloud Native Runtime Security

Language:C++License:Apache-2.0Stargazers:7140Issues:128Issues:1237

tfsec

Tfsec is now part of Trivy

Language:GoLicense:MITStargazers:6621Issues:71Issues:0

flux2

Open and extensible continuous delivery solution for Kubernetes. Powered by GitOps Toolkit.

Language:GoLicense:Apache-2.0Stargazers:6175Issues:68Issues:1315

RedEye

RedEye is a visual analytic tool supporting Red & Blue Team operations

Language:TypeScriptLicense:BSD-3-ClauseStargazers:2638Issues:44Issues:30

nexfil

OSINT tool for finding profiles by username

Language:PythonLicense:MITStargazers:2171Issues:26Issues:36

log4shell

Operational information regarding the log4shell vulnerabilities in the Log4j logging library.

Language:PythonStargazers:1891Issues:69Issues:98

talisman

Using a pre-commit hook, Talisman validates the outgoing changeset for things that look suspicious — such as tokens, passwords, and private keys.

Language:GoLicense:MITStargazers:1869Issues:42Issues:216

log4jscanner

A log4j vulnerability filesystem scanner and Go package for analyzing JAR files.

Language:GoLicense:Apache-2.0Stargazers:1565Issues:19Issues:20

ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

Language:Open Policy AgentLicense:CC0-1.0Stargazers:1487Issues:46Issues:858

Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable GraphQL service implementation designed for learning about and practising GraphQL Security.

Language:JavaScriptLicense:MITStargazers:1470Issues:27Issues:32

Goby

Attack surface mapping

Stargazers:1365Issues:31Issues:492

CrossLinked

LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

Language:PythonLicense:GPL-3.0Stargazers:1217Issues:29Issues:17

log4j-affected-db

A community sourced list of log4j-affected software

Language:ShellLicense:CC0-1.0Stargazers:1121Issues:85Issues:154

legitify

Detect and remediate misconfigurations and security risks across all your GitHub and GitLab assets

Language:GoLicense:Apache-2.0Stargazers:752Issues:17Issues:71

DSP

A Microservices-based framework for the study of Network Security and Penetration Test techniques

Language:JavaScriptLicense:MITStargazers:568Issues:30Issues:59

UltimateWDACBypassList

A centralized resource for previously documented WDAC bypass techniques

Stargazers:465Issues:14Issues:1

iam-vulnerable

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

Language:HCLLicense:MITStargazers:456Issues:18Issues:3

NginxDay

Nginx 18.1 04/09/22 zero-day repo

Stargazers:367Issues:90Issues:4

graphql-cop

Security Auditor Utility for GraphQL APIs

Language:PythonLicense:MITStargazers:330Issues:3Issues:13

kube_security_lab

Language:ShellStargazers:228Issues:15Issues:12

log4j-sniffer

A tool that scans archives to check for vulnerable log4j versions

Language:GoLicense:Apache-2.0Stargazers:192Issues:211Issues:17

RussiaDNSLeak

Summary and archives of leaked Russian TLD DNS data

Stargazers:181Issues:14Issues:1

snowcat

a tool to audit the istio service mesh

Language:GoLicense:Apache-2.0Stargazers:173Issues:14Issues:3

terraform-goof

A demo repo showcasing Snyk's IAC offering for terraform

Language:HCLStargazers:12Issues:14Issues:0

qconnector

Language:PythonStargazers:1Issues:3Issues:0