Automated Adversary Emulation Platform

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

🎯 Command Injection Payload List

kunpeng是一个Golang编写的开源POC框架/库，以动态链接库的形式提供各种语言调用，通过此项目可快速开发漏洞检测类的系统。

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Passhunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

Awesome Python Security resources 🕶🐍🔐

Hacking Toolkit

My collection of various security tools created mostly in Python and Bash. For CTFs and Bug Bounty.

secureCodeBox (SCB) - continuous secure delivery out of the box

A friendly car security exploration tool for the CAN bus

A vulnerable Android application that shows simple examples of vulnerabilities in a ctf style.

Resources for Application Security including Web, API, Android, iOS and Thick Client

Red Team Attack Lab for TTP testing & research

🔎 shodansploit > v1.3.0

Awesome .NET Security Resources

🎯 HackerTarget ToolKit - Tools And Network Intelligence To Help Organizations With Attack Surface Discovery 🎯

Web application vulnerability scanner

NERVE Continuous Vulnerability Scanner