OWASP / owasp-cstgLinks
☆36Updated 5 years ago
Alternatives and similar repositories for owasp-cstg
Users that are interested in owasp-cstg are comparing it to the libraries listed below
Sorting:
- Scripts and tools for AWS Pentest☆53Updated 5 years ago
- Burp Extension for AWS Signing☆89Updated 9 months ago
- learning case to prepare OSWE☆37Updated 5 years ago
- An AWS Lambda vulnerable application written in flask.☆49Updated 8 years ago
- Jekyll Files for cloudsecwiki.com☆49Updated 4 years ago
- A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes …☆37Updated 2 weeks ago
- ☆90Updated 3 years ago
- This script is a multi-threaded Okta password sprayer.☆71Updated last year
- Slackhound allows red and blue teams to perform fast reconnaissance on Slack workspaces/organizations to quickly search user profiles, lo…☆83Updated 2 months ago
- Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure☆95Updated 6 years ago
- BurpSuite Extension: A one-stop pen testing checklist and logger tool☆76Updated 3 years ago
- This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…☆122Updated 5 years ago
- Programmatically create hunting rules for deserialization exploitation with multiple keywords, gadget chains, object types, encodings, an…☆144Updated 2 years ago
- Deploy a Private Burpsuite Collaborator using boto3 Python Library☆58Updated 5 years ago
- Posts about different topics☆40Updated 2 months ago
- Quick WAF "paranoid" Doctor Evaluation | WAFPARAN01D3 Tool☆24Updated 3 years ago
- Burp with Friends☆103Updated 2 years ago
- Any presentation we've given at FortyNorth Security☆34Updated 4 years ago
- ☆126Updated last year
- Whitebox evaluation of effective S3 object permissions, to identify publicly accessible files.☆78Updated 3 years ago
- Hayat is a script for report and analyze Google Cloud Platform resources.☆81Updated 5 years ago
- A lab to play with authentication and authorisation problems☆97Updated 2 years ago
- Pivot into private VPC networks using a VPN connection☆43Updated 6 years ago
- Virtual Security Operations Center☆51Updated 2 years ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆40Updated 3 years ago
- Static code analysis tool based on Elasticsearch☆129Updated 4 years ago
- ☆69Updated 6 years ago
- A list of "secrets" from JWT sample code and readme files.☆56Updated 4 years ago
- An Evil OIDC Server☆54Updated 3 years ago
- Mole is a framework for identifying and exploiting out-of-band application vulnerabilities.☆58Updated 5 years ago