Lists (1)
Sort Name ascending (A-Z)
Starred repositories
Run macOS VM in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X Security Research! Docker mac Containers.
This repository started out as a learning in public project for myself and has now become a structured learning map for many in the community. We have 3 years under our belt covering all things Devβ¦
Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
The Elastic stack (ELK) powered by Docker and Compose.
Set up your own OpenVPN server on Debian, Ubuntu, Fedora, CentOS or Arch Linux.
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
WireGuard VPN installer for Linux servers
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
Find exploits in local and online databases instantly
A curated list of the most common and most interesting robots.txt disallowed directories.
A script to set up a quick Ubuntu 17.10 x64 box with tools I use.
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
Automation for javascript recon in bug bounty.
slacktee is a bash script that works like tee command. Instead of writing the standard input to files, slacktee posts it to Slack.
β‘·β πππππ ππΈβ β’Ύ is a Passive Open Source Intelligence (OSINT) Automated Reconnaissance (framework)
An automation tool that scans sub-domains, sub-domain takeover, then filters out XSS, SSTI, SSRF, and more injection point parameters and scans for some low hanging vulnerabilities automatically.
Content discovery wordlists generated using BigQuery
Automated security reporting from markdown templates (HackerOne and Bugcrowd are currently the platforms supported)
Web recon script. No need to fear, sumrecon is here!
You can read the writeup on this script here
Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
Secret and/or credential patterns used for gf.