Websec interview questions by tib3rius answered
☆309Nov 13, 2023Updated 2 years ago
Alternatives and similar repositories for websec-answers
Users that are interested in websec-answers are comparing it to the libraries listed below
Sorting:
- Burp Suite Certified Practitioner Exam Study☆1,325Feb 5, 2026Updated last month
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,889Oct 1, 2025Updated 5 months ago
- This is a companion to the Security Engineer Questions☆205Nov 27, 2023Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Feb 16, 2024Updated 2 years ago
- .NET deserialization hunter☆86Jul 21, 2024Updated last year
- Gram is Klarna's own threat model diagramming tool☆331Updated this week
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- ☆117Feb 11, 2026Updated 3 weeks ago
- oauth security guidelines☆232Jun 25, 2019Updated 6 years ago
- ☆520Apr 29, 2024Updated last year
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆288May 16, 2025Updated 9 months ago
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Nov 28, 2025Updated 3 months ago
- Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and s…☆422Dec 28, 2024Updated last year
- Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threa…☆1,402Jun 24, 2025Updated 8 months ago
- Awesome secure by default libraries to help you eliminate bug classes!☆700Dec 6, 2025Updated 3 months ago
- Shodan Dorks 2023☆245Jan 13, 2025Updated last year
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆144Jan 28, 2024Updated 2 years ago
- This repository contains a graphical representation (Mind maps) of specific topics, so one can utilize it as a handbook for that specific…☆17Feb 10, 2022Updated 4 years ago
- A simple plugin to export JS files from one or multiple targets☆44Nov 12, 2023Updated 2 years ago
- Retrieve LAPS passwords from a domain. The tools is inspired in pyLAPS.☆32Mar 8, 2025Updated last year
- A tool for quickly evaluating IAM permissions in AWS.☆60Nov 6, 2023Updated 2 years ago
- Automating situational awareness for cloud penetration tests.☆2,303Updated this week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆436Dec 30, 2025Updated 2 months ago
- Web Security Scanner☆384Nov 13, 2025Updated 3 months ago
- RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.☆1,900Oct 29, 2025Updated 4 months ago
- ☆33Jan 16, 2026Updated last month
- ☆2,450Feb 2, 2026Updated last month
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- Vulnerable app with examples showing how to not use secrets☆1,397Mar 2, 2026Updated last week
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,804Sep 17, 2024Updated last year
- A security-first linter for code that shouldn't need linting☆18Sep 12, 2023Updated 2 years ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Nov 11, 2024Updated last year
- Collection of OPSEC Tradecraft and TTPs for Red Team Operations☆321Feb 1, 2026Updated last month
- Golang weaponization for red teamers.☆516Jan 17, 2024Updated 2 years ago
- Every Security Engineer Interview Question From Glassdoor.com☆1,255Mar 2, 2024Updated 2 years ago
- OmniCrawl is a web measurement tool that allows for recording of web requests and JavaScript browser API accesses on multiple platforms.☆27Mar 20, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 3 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆575Feb 12, 2026Updated 3 weeks ago
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆482Updated this week