Stars
A Central Control Plane for AWS Permissions and Access
Sophisticated, battery-conscious background-geolocation with motion-detection
[CCS'24] A dataset consists of 15,140 ChatGPT prompts from Reddit, Discord, websites, and open-source datasets (including 1,405 jailbreak prompts).
Microsoft ICSpector (ICS Forensics Tools framework) is an open-source forensics framework that enables the analysis of Industrial PLC metadata and project files.
Python script to enumerate valid Microsoft 365 domains, retrieve tenant name, and check for an MDI instance.
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
Wiki.js with Let's Encrypt Using Docker Compose
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any type.
Source code for Twitter's Recommendation Algorithm
Tools and Techniques for Blue Team / Incident Response
Tools and Techniques for Red Team / Penetration Testing
Practical Ethical Hacking Labs π‘π‘
Extract Windows Wi-Fi Passwords to Remote URL
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.
Git All the Payloads! A collection of web attack payloads.
π Path to a free self-taught education in Computer Science!
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground π
Standard and Advanced Demos for learn.cantrill.io courses
Checklist for container security - devsecops practices
The lazier way to manage everything docker
Lab files for A Cloud Guru's Google Certified Associate Cloud Engineer course -- ACG GCP ACE
The Google Cloud Developer's Cheat Sheet
ADExplorerSnapshot.py is an AD Explorer snapshot parser. It is made as an ingestor for BloodHound, and also supports full-object dumping to NDJSON.
Script gets you access to download private videos on Vimeo
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool