dagheyman / awesome-product-security
πA curated list of product security resources.
β19Updated 2 years ago
Alternatives and similar repositories for awesome-product-security:
Users that are interested in awesome-product-security are comparing it to the libraries listed below
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabβ¦β39Updated 2 years ago
- Run Capture the Flags and Security Trainings with OWASP WrongSecretsβ43Updated this week
- Blogpost series showcasing interesting cloud - web app security bugsβ47Updated last year
- This is vulnerable microservice written in many language to demonstrating OWASP API Top Security Risk (under development)β43Updated last year
- Repo for Cybercloud Tutorials hosted at cybercloud.guruβ2Updated 4 months ago
- Scripts and misc. stuff related to the PortSwigger Web Academyβ17Updated 2 years ago
- InfoSec OpenAI Examplesβ19Updated last year
- Virtual Security Operations Centerβ50Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Securityβ63Updated last year
- Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloudβ50Updated 2 years ago
- Determine privileges from cloud credentials via brute-force testing.β66Updated 5 months ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by meβ17Updated 5 months ago
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilitiesβ26Updated 6 months ago
- β22Updated 3 years ago
- A web security research tool for DOM testingβ17Updated this week
- Damn Vulnerable Rails appβ12Updated 12 years ago
- A not-curated list of cloud hacking labsβ20Updated 9 months ago
- MyOpenVDP is a free web application to install a vulnerability disclosure policy or a vulnerability disclosure program on your assets. (Vβ¦β27Updated 5 months ago
- β55Updated last year
- A PoC to Simulate Ransomware Attack on AWS Environmentβ29Updated 3 months ago
- AWS SSO serverless phishing API.β31Updated 3 years ago
- Script to manage and create local pentesting training virtual labβ48Updated 4 years ago
- β32Updated last month
- Contains all my research and content produced regarding the log4shell vulnerabilityβ31Updated 3 years ago
- CloudScraper: Tool to enumerate targets in search of cloud resources. S3 Buckets, Azure Blobs, Digital Ocean Storage Space.β29Updated 2 years ago
- This repository is intended for sharing files/tools/tutorials..etc that related to eWPTXv2 from eLearnSecurityβ14Updated 4 years ago
- Simple Command Line Tool to Enumerate Slack Workspace Names from Slack Webhook URLs.β39Updated last year
- β17Updated last year
- Paramalyzer - Burp extension for parameter analysis of large-scale web application penetration tests.β32Updated 2 years ago
- β12Updated 3 years ago