Brazilian OSINT Sources

OpenTofu lets you declaratively manage your cloud infrastructure.

kuik is a container image caching system for Kubernetes

Community curated list of templates for the nuclei engine to find security vulnerabilities.

Fast web fuzzer written in Go

An example pipeline for executing HashiCorp Terraform with ephemeral cloud provider credentials managed by HashiCorp Vault

Cloud cost estimates for Terraform in pull requests💰📉 Shift FinOps Left!

Docker database images with pre-populated data for testing and/or practice.

Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more

The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!

Contextual Content Discovery Tool

DevSecOps, ASPM, Vulnerability Management. All on one platform.

All about bug bounty (bypasses, payloads, and etc)

A collection of hacks and one-off scripts

This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/Intigriti/etc) that are eligible for reports

Open-source vulnerability disclosure and bug bounty program database

Automatic finder for subdomains vulnerable to takeover. Written in Go, based on @haccer's subjack.

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

An efficient multi-threaded DNS resolver validator

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

A collection of tools to perform searches on GitHub.

Fast passive subdomain enumeration tool.

In-depth attack surface mapping and asset discovery

Subdomain Takeover tool written in Go