This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), ar…

Junção de conteúdos, dicas e considerações da comunidade do Br de AppSec para divulgar a palavra do DevSecOps e orientar aspirantes que não se encaixam nem com Red e nem com Blue team

AWSGoat : A Damn Vulnerable AWS Infrastructure

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wis…

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Metasploit Framework

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

A ransomware implementation just for educational purpose

A Python library for automating interaction with websites.

Code from Blackhat Python book