harekrishnarai / Damn-vulnerable-sca
Damn Vulnerable SCA Application
☆13Updated this week
Related projects: ⓘ
- This is a RSS feed collection for all the InfoSec Content Creators☆30Updated 10 months ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆16Updated last month
- A Risk-Based Prioritization Taxonomy for prioritizing CVEs (Common Vulnerabilities and Exposures).☆64Updated 4 months ago
- This provides a guided step by step walkthrough for threat modeling with MITRE ATT&CK Framework☆23Updated last year
- Stalker, the Extensible Attack Surface Management tool.☆75Updated this week
- Offensive Kubernetes Threat Matrix -- kubenomicon.com☆23Updated this week
- Simple Workspace Attack Tool (SWAT) is a tool for simulating malicious behavior against Google Workspace in reference to the MITRE ATT&CK…☆159Updated last month
- DeRF (Detection Replay Framework) is an "Attacks As A Service" framework, allowing the emulation of offensive techniques and generation o…☆82Updated 8 months ago
- ☆31Updated 2 weeks ago
- Nuclei plugins to audit Chrome extensions☆64Updated 2 months ago
- POC tool to create signed AWS API GET requests to bypass Guard Duty alerting of off-instance credential use via SSRF☆57Updated last year
- An LLM and OCR based Indicator of Compromise Extraction Tool☆28Updated 5 months ago
- HASH (HTTP Agnostic Software Honeypot)☆128Updated 4 months ago
- Enriching the NVD CVSS scores to include Temporal & Threat Metrics☆56Updated this week
- GCP GOAT is the vulnerable application for learn the GCP Security☆61Updated 11 months ago
- Cloud Offensive Breach and Risk Assessment (COBRA) Tool☆69Updated this week
- This tool analyzes a given Gitlab repository and searches for dangling or force-pushed commits containing potential secret or interesting…☆38Updated last month
- Blogpost series showcasing interesting cloud - web app security bugs☆44Updated last year
- Dredging up secrets from the depths of the file system☆110Updated 4 months ago
- IMDSPOOF is a cyber deception tool that spoofs the AWS IMDS service to return HoneyTokens that can be alerted on.☆91Updated 9 months ago
- HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enab…☆39Updated 2 years ago
- LLM Testing Findings Templates☆65Updated 7 months ago
- Tool to detect and monitor GitHub org users' public repositories for secrets and sensitive files☆193Updated 4 months ago
- ☆31Updated 2 months ago
- Do bulk whois lookups and get alerted on domains of interest.☆20Updated last month
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆88Updated 6 months ago
- AHHHZURE is an automated deployment script that creates a vulnerable Azure cloud lab for offensive security practitioners and enthusiasts…☆99Updated 4 months ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆96Updated 7 months ago
- InfoSec OpenAI Examples☆19Updated 9 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆192Updated last week