x1trap / websec-answersView external linksLinks
Websec interview questions by tib3rius answered
☆309Nov 13, 2023Updated 2 years ago
Alternatives and similar repositories for websec-answers
Users that are interested in websec-answers are comparing it to the libraries listed below
Sorting:
- Burp Suite Certified Practitioner Exam Study☆1,310Feb 5, 2026Updated last week
- Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.☆1,848Oct 1, 2025Updated 4 months ago
- This is a companion to the Security Engineer Questions☆205Nov 27, 2023Updated 2 years ago
- A simple script which implements different Cognito attacks such as Account Oracle or Priviledge Escalation☆109Feb 16, 2024Updated last year
- .NET deserialization hunter☆81Jul 21, 2024Updated last year
- Gram is Klarna's own threat model diagramming tool☆328Jan 26, 2026Updated 2 weeks ago
- A modified version of TomNomNom's anew, allowing for multiple files to be defined as parameters.☆13Jun 17, 2023Updated 2 years ago
- ☆115Aug 12, 2025Updated 6 months ago
- oauth security guidelines☆230Jun 25, 2019Updated 6 years ago
- ☆520Apr 29, 2024Updated last year
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆283May 16, 2025Updated 8 months ago
- Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threa…☆1,404Jun 24, 2025Updated 7 months ago
- Awesome secure by default libraries to help you eliminate bug classes!☆700Dec 6, 2025Updated 2 months ago
- Shodan Dorks 2023☆245Jan 13, 2025Updated last year
- A Python-based tool to create zip, tar and cpio archives to exploit common archive library issues and developer mistakes☆43Nov 28, 2025Updated 2 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆141Jan 28, 2024Updated 2 years ago
- This repository contains a graphical representation (Mind maps) of specific topics, so one can utilize it as a handbook for that specific…☆17Feb 10, 2022Updated 4 years ago
- A simple plugin to export JS files from one or multiple targets☆43Nov 12, 2023Updated 2 years ago
- A tool for quickly evaluating IAM permissions in AWS.☆60Nov 6, 2023Updated 2 years ago
- Security interview questions with possible explanation for roles in AppSec, Pentesting, Cloud Security, DevSecOps, Network Security and s…☆407Dec 28, 2024Updated last year
- Automating situational awareness for cloud penetration tests.☆2,289Feb 5, 2026Updated last week
- BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for c…☆436Dec 30, 2025Updated last month
- Web Security Scanner☆374Nov 13, 2025Updated 3 months ago
- RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.☆1,899Oct 29, 2025Updated 3 months ago
- A security-first linter for code that shouldn't need linting☆17Sep 12, 2023Updated 2 years ago
- ☆2,428Feb 2, 2026Updated last week
- This GitHub Action sends a reverse shell from a runner via Azure Storage Account blobs☆39Sep 25, 2024Updated last year
- Vulnerable app with examples showing how to not use secrets☆1,395Updated this week
- This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage clou…☆2,804Sep 17, 2024Updated last year
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Nov 11, 2024Updated last year
- Collection of OPSEC Tradecraft and TTPs for Red Team Operations☆319Feb 1, 2026Updated last week
- Golang weaponization for red teamers.☆516Jan 17, 2024Updated 2 years ago
- Every Security Engineer Interview Question From Glassdoor.com☆1,253Mar 2, 2024Updated last year
- A set of scripts to install a Burp Collaborator Server in a docker environment, using a LetsEncrypt wildcard certificate in as simple a p…☆30Nov 30, 2025Updated 2 months ago
- Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.☆570Jan 28, 2026Updated 2 weeks ago
- GitHub Attack Toolkit - Extreme Edition - A static analysis and exploit toolkit for GitHub Actions.☆480Jan 5, 2026Updated last month
- Extract URLs, paths, secrets, and other interesting bits from JavaScript☆1,755May 22, 2024Updated last year
- LLM Testing Findings Templates☆75Feb 14, 2024Updated last year
- OmniCrawl is a web measurement tool that allows for recording of web requests and JavaScript browser API accesses on multiple platforms.☆27Mar 20, 2024Updated last year