Hi Im Yoda!'s repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
Application-Security-Engineer-Interview-Questions
Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
awesome
😎 Awesome lists about all kinds of interesting topics
awesome-api-devtools
:books: A collection of useful resources for building RESTful HTTP+JSON APIs.
awesome-api-security
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
awesome-bug-bounty
A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.
Awesome-Ethical-Hacking-Resources
🔗 All the resources I could find for learning Ethical Hacking and Penetration Testing.
awesome-pentest-cheat-sheets
Collection of the cheat sheets useful for pentesting
awesome-web-security
🐶 A curated list of Web Security materials and resources.
channel-content
Techlore video channel content & more.
devops-exercises
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
DevSecOps-Playbook
This is a step-by-step guide to implementing a DevSecOps program for any size organization
GOAD
game of active directory
google-dorks
Useful Google Dorks for WebSecurity and Bug Bounty
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
infosec-dorks
A Personal Collection of Infosec Dorks
kali-linux-cheatsheet
Kali Linux Cheat Sheet for Penetration Testers
Nuclei-Templates-Collection
Nuclei Templates Collection
oshp-validator
Venom tests suite to validate an HTTP security response headers configuration against OSHP recommendation.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2022
pwst-resources
Resources for Students in the Practical Webapp Security and Testing course
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
styleguide
Style guides for Google-originated open-source projects
the-practical-linux-hardening-guide
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
Web-App-Pentest-Checklist
A OWASP Based Checklist With 500+ Test Cases
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.