bilalaazzani Goto Github PK

api-securityempire

API Security Projecto aims to present unique attack & defense methods in API Security field

awesome-azure-architecture

AWESOME-Azure-Architecture

awesome-bugbounty-writeups

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

awesome-red-team-operations

awesome-vehicle-security

🚗 A curated list of resources for learning about vehicle security and car hacking.

bbht

A script to set up a quick Ubuntu 17.10 x64 box with tools I use.

blackdex

BlackDex is an Android unpack(dexdump) tool, it supports Android 5.0~12 and need not rely to any environment. BlackDex can run on any Android mobile phone or emulator, you can unpack APK File in several seconds.

bug-bounty-wordlists

A repository that includes all the important wordlists used while bug hunting.

can-utils

Linux-CAN / SocketCAN user space applications

catalyst

Catalyst is a SOAR system that helps to automate alert handling and incident response processes

classnotfound

cloud-security-remediation-guides

Security Remediation Guides

container-security-checklist

Checklist for container security - devsecops practices

cop

Web-based Collaborative Common Operating Picture Tool (COP)

cr3dov3r

Know the dangers of credential reuse attacks.

cve

Gather and update all available and newest CVEs with their PoC.

cyberthreathunting

A collection of resources for Threat Hunters - Sponsored by Falcon Guard

damn-vulnerable-graphql-application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

dapptools

Dapp, Seth, Hevm, and more

diva-android

DIVA Android - Damn Insecure and vulnerable App for Android

dvid

Damn Vulnerable IoT Device

ethereumbook

Mastering Ethereum, by Andreas M. Antonopoulos, Gavin Wood

getjs

A tool to fastly get all javascript sources/files

gitgraber

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

goatcasino

This is an intentionally vulnerable smart contract truffle deployment aimed at allowing those interested in smart contract security to exploit a wide variety of issues in a safe environment.

hakrawler

Simple, fast web crawler designed for easy, quick discovery of endpoints and assets within a web application

hazprone

HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!

holytips

A Collection of Notes, Checklists, Writeups on Bug Bounty Hunting and Web Application Security.

ids

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.