Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

Projects in Awesome Lists tagged with infosec

A curated list of projects in awesome lists tagged with infosec .

https://github.com/ffuf/ffuf

Fast web fuzzer written in Go

fuzzer infosec pentesting web

Last synced: 28 Oct 2024

https://github.com/digininja/dvwa

Damn Vulnerable Web Application (DVWA)

dvwa hacking infosec php security sql-injection training

Last synced: 16 Dec 2024

https://github.com/digininja/DVWA

Damn Vulnerable Web Application (DVWA)

dvwa hacking infosec php security sql-injection training

Last synced: 30 Oct 2024

https://github.com/infosecn1nja/red-teaming-toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

hacking infosec pentesting red-team

Last synced: 04 Dec 2024

https://github.com/infosecn1nja/Red-Teaming-Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

hacking infosec pentesting red-team

Last synced: 01 Nov 2024

https://github.com/samratashok/nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

activedirectory hacking infosec nishang penetration-testing powershell red-team redteam security

Last synced: 17 Dec 2024

https://github.com/yogeshojha/rengine

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

bug-bounty bugbounty hacking information-gathering infosec osint penetration-testing pentesting recon recon-engine reconnaissance rengine scanner scanner-web scanning security-tools

Last synced: 18 Dec 2024

https://github.com/liamg/traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

cve-2021-3560 cve-2022-0847 dirtypipe exploit gtfobins hackthebox infosec privesc privilege-escalation redteam-tools security-tools

Last synced: 17 Dec 2024

https://github.com/dstotijn/hetty

An HTTP toolkit for security research.

bugbounty http infosec mitm pentesting proxy

Last synced: 19 Dec 2024

https://github.com/EdOverflow/bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

bugbounty infosec payloads security

Last synced: 05 Nov 2024

https://github.com/edoverflow/bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

bugbounty infosec payloads security

Last synced: 30 Nov 2024

https://github.com/ihebski/DefaultCreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting

Last synced: 03 Nov 2024

https://github.com/ffffffff0x/1earn

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

blueteam collection ctf hacking ics-security infosec linux-learning markdown-article pentest pentest-tool poc post-penetration redteam security security-tools study writeup

Last synced: 17 Dec 2024

https://github.com/ihebski/defaultcreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

blueteam bugbounty cheatsheet credentials-gathering cybersecurity default-password exploit infosec offensive-security pentest pentesting

Last synced: 29 Oct 2024

https://github.com/edoverflow/can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

bugbounty infosec list security subdomain subdomain-takeovers

Last synced: 15 Dec 2024

https://github.com/EdOverflow/can-i-take-over-xyz

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

bugbounty infosec list security subdomain subdomain-takeovers

Last synced: 24 Oct 2024

https://github.com/jassics/security-study-plan

Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...

api-security application-security appsec appsec-tutorials aws-security azure-security cybersecurity cybersecurity-education devsecops-university gcp-security infosec pentesting security-testing study-guide study-plan study-planner

Last synced: 05 Dec 2024

https://github.com/ullaakut/cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

cameras cctv hacking hacking-tool infosec netsec penetration-testing pentesting rtsp security security-tools

Last synced: 17 Dec 2024

https://github.com/meitar/awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

awesome-list blue-team computer-security cybersecurity defensive-security infosec security

Last synced: 13 Oct 2024

https://github.com/Ullaakut/cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

cameras cctv hacking hacking-tool infosec netsec penetration-testing pentesting rtsp security security-tools

Last synced: 26 Oct 2024

https://github.com/gerbenjavado/linkfinder

A python script that finds endpoints in JavaScript files

endpoints infosec

Last synced: 19 Dec 2024

https://github.com/GerbenJavado/LinkFinder

A python script that finds endpoints in JavaScript files

endpoints infosec

Last synced: 28 Oct 2024

https://github.com/ysrc/xunfeng

巡风是一款适用于企业内网的漏洞快速应急,巡航扫描系统。

exploits infosec pentesting scanner security security-audit vulnerability-assessment vulnerability-detection vulnerability-scanners

Last synced: 19 Dec 2024

https://github.com/kurolabs/stegcloak

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

cipher compression cryptography data-exfiltration functional-programming hacking hacking-tool hacking-tools infosec javascript privacy ramdajs security security-tools steganography stego

Last synced: 17 Dec 2024

https://github.com/KuroLabs/stegcloak

Hide secrets with invisible characters in plain text securely using passwords 🧙🏻‍♂️⭐

cipher compression cryptography data-exfiltration functional-programming hacking hacking-tool hacking-tools infosec javascript privacy ramdajs security security-tools steganography stego

Last synced: 30 Oct 2024

https://github.com/maximebeasse/keydecoder

KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

card duplicate-keys infosec keydecoder locksmith pentesters picture security-enthusiasts

Last synced: 20 Dec 2024

https://github.com/ignis-sec/pwdb-public

A collection of all the data i could extract from 1 billion leaked credentials from internet.

infosec password rockyou seclists

Last synced: 03 Dec 2024

https://github.com/MaximeBeasse/KeyDecoder

KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

card duplicate-keys infosec keydecoder locksmith pentesters picture security-enthusiasts

Last synced: 29 Oct 2024

https://github.com/snooppr/snoop

Snoop — инструмент разведки на основе открытых данных (OSINT world)

blueteam ctf geo geocoder infosec ip nickname osint parser pentest police redteam scanner scraping security termux username username-checker username-search web-scraping

Last synced: 18 Dec 2024

https://github.com/ignis-sec/Pwdb-Public

A collection of all the data i could extract from 1 billion leaked credentials from internet.

infosec password rockyou seclists

Last synced: 27 Oct 2024

https://github.com/roave/securityadvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily

composer infosec php security-advisories security-vulnerabilities security-vulnerability

Last synced: 16 Dec 2024

https://github.com/Roave/SecurityAdvisories

:closed_lock_with_key: Security advisories as a simple composer exclusion list, updated daily

composer infosec php security-advisories security-vulnerabilities security-vulnerability

Last synced: 29 Oct 2024

https://github.com/sa7mon/s3scanner

Scan for misconfigured S3 buckets across S3-compatible APIs!

aws bugbounty gcp infosec s3 s3scanner

Last synced: 17 Dec 2024

https://github.com/sa7mon/S3Scanner

Scan for misconfigured S3 buckets across S3-compatible APIs!

aws bugbounty gcp infosec s3 s3scanner

Last synced: 28 Oct 2024

https://github.com/jaeles-project/jaeles

The Swiss Army knife for automated Web Application Testing

bugbounty golang hacking infosec jaeles scanner security-tools vulnerabilities web-scanner

Last synced: 19 Dec 2024

https://github.com/inonshk/31-days-of-API-Security-Tips

This challenge is Inon Shkedy's 31 days API Security Tips.

api-pentest api-security bug-bounty bugbounty bugbountytips infosec pentest security

Last synced: 26 Oct 2024

https://github.com/cisagov/malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

arkime cybersecurity infosec network-security network-traffic-analysis networksecurity networktrafficanalysis opensearch opensearch-dashboards pcap security suricata zeek

Last synced: 19 Dec 2024

https://github.com/cider-security-research/cicd-goat

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

appsec cicd ctf devops devsecops gitlab infosec jenkins security

Last synced: 21 Dec 2024

https://github.com/cisagov/Malcolm

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

arkime cybersecurity infosec network-security network-traffic-analysis networksecurity networktrafficanalysis opensearch opensearch-dashboards pcap security suricata zeek

Last synced: 01 Nov 2024

https://github.com/ph055a/osint_collection

Maintained collection of OSINT related resources. (All Free & Actionable)

court-search data-science dataset infosec investigation journalism osint research search

Last synced: 03 Dec 2024

https://github.com/Ph055a/OSINT_Collection

Maintained collection of OSINT related resources. (All Free & Actionable)

court-search data-science dataset infosec investigation journalism osint research search

Last synced: 03 Nov 2024

https://github.com/idov31/nidhogg

Nidhogg is an all-in-one simple to use windows kernel rootkit.

cpp cyber-security cybersecurity driver infosec kernel red-team redteam rootkit windows windows-rootkits

Last synced: 19 Dec 2024

https://github.com/securitytxt/security-txt

A proposed standard that allows websites to define security policies.

ietf ietf-rfcs infosec internet-draft issue-tracker policy security standard

Last synced: 30 Nov 2024

https://github.com/lkarlslund/adalanche

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

acl acl-audit active-directory activedirectory ad-audit blueteam graph-theory infosec ldap ldap-audit reconnaissance

Last synced: 19 Dec 2024

https://github.com/lutfumertceylan/top25-parameter

For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon. 🛡️⚔️🧙

bugbounty bugbountytips infosec pentest-tool pentesting security vulnerability-detection vulnerability-research xss-detection

Last synced: 02 Dec 2024

https://github.com/bashfuscator/bashfuscator

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team

Last synced: 21 Dec 2024

https://github.com/Bashfuscator/Bashfuscator

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

bash blue-team evasion incident-response infosec linux linux-shell obfuscation red-team

Last synced: 21 Nov 2024

https://github.com/xdavidhu/mitmap

📡 A python program to create a fake AP and sniff data.

access-point fake-ap hacking infosec kali-linux mitm pentesting python wifi wireless

Last synced: 26 Sep 2024

https://github.com/xdavidhu/mitmAP

📡 A python program to create a fake AP and sniff data.

access-point fake-ap hacking infosec kali-linux mitm pentesting python wifi wireless

Last synced: 19 Nov 2024

https://github.com/lkarlslund/Adalanche

Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)

acl acl-audit active-directory activedirectory ad-audit blueteam graph-theory infosec ldap ldap-audit reconnaissance

Last synced: 06 Nov 2024

https://github.com/purp1ew0lf/blue-team-notes

You didn't think I'd go and leave the blue team out, right?

blueteam cybersecurity dfir infosec powershell

Last synced: 21 Dec 2024

https://github.com/Purp1eW0lf/Blue-Team-Notes

You didn't think I'd go and leave the blue team out, right?

blueteam cybersecurity dfir infosec powershell

Last synced: 08 Nov 2024

https://github.com/harsh-bothra/learn365

This repository is about @harshbothra_'s 365 days of Learning Tweets & Mindmaps collection.

application-security bugbounty bugbountytips community infosec learning pentesting pentesting-tools vulnerabilities

Last synced: 29 Nov 2024

https://github.com/edoardottt/cariddi

Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more

bugbounty crawler crawling endpoint-discovery endpoints go golang hacktoberfest infosec osint penetration-testing pentesting recon reconnaissance redteam scraper secret-keys secrets-detection security security-tools

Last synced: 19 Dec 2024

https://github.com/TryCatchHCF/Cloakify

CloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection

av-evasion cipher cryptography data-exfiltration dlp exfiltration hacking hacking-tool hacking-tools infosec pentest pentest-tool pentest-tools pentesting privacy red-team security security-tools steganography stego

Last synced: 01 Nov 2024

https://github.com/hashpals/name-that-hash

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

ctf ctf-tools cyber hacking hackthebox hacktoberfest hash hashing infosec python security tool tryhackme

Last synced: 22 Dec 2024

https://github.com/HashPals/Name-That-Hash

🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

ctf ctf-tools cyber hacking hackthebox hacktoberfest hash hashing infosec python security tool tryhackme

Last synced: 02 Nov 2024

https://github.com/v-byte-cpu/sx

:vulcan_salute: Fast, modern, easy-to-use network scanner

arp docker go icmp infosec ipv4 lan network pentest proxy recon scan scanner security socks socks5 syn tcp udp wan

Last synced: 21 Dec 2024

https://github.com/m3n0sd0n4ld/goofuzz

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

bash-script bugbounty discovery fuzzing google-dorks hacking information-disclosure infosec osint penetration-testing pentesting recon reconnaissance red-team subdomain

Last synced: 21 Dec 2024

https://github.com/cyber-guy1/api-securityempire

API Security Project aims to present unique attack & defense methods in API Security field

api apisecurity bug-bounty bugbounty bugbountytips cybersec cybersecurity information-security infosec penetration-testing tips

Last synced: 05 Dec 2024

https://github.com/mufeedvh/moonwalk

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps.

cve exploit exploitation infosec infosectools linux privilege-escalation red-teaming redteam redteam-tools security security-tools

Last synced: 15 Dec 2024

https://github.com/Cyber-Guy1/API-SecurityEmpire

API Security Project aims to present unique attack & defense methods in API Security field

api apisecurity bug-bounty bugbounty bugbountytips cybersec cybersecurity information-security infosec penetration-testing tips

Last synced: 28 Nov 2024

https://github.com/m3n0sd0n4ld/GooFuzz

GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).

bash-script bugbounty discovery fuzzing google-dorks hacking information-disclosure infosec osint penetration-testing pentesting recon reconnaissance red-team subdomain

Last synced: 08 Nov 2024

https://github.com/stampery/mongoaudit

🔥 A powerful MongoDB auditing and pentesting tool 🔥

authentication cli database encryption hardening infosec mongodb pentesting

Last synced: 20 Dec 2024

https://github.com/hashpals/search-that-hash

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

cracks cybersecurity hacking hacking-tool hash hashcat infosec john tool

Last synced: 21 Dec 2024

https://github.com/bert-janp/hunting-queries-detection-rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

azure blueteam cybersecurity defender-for-endpoint dfir infosec kql mde mdi misp security sentinel threat-hunting vulnerability-management zero-day

Last synced: 19 Dec 2024

https://github.com/HashPals/Search-That-Hash

🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

cracks cybersecurity hacking hacking-tool hash hashcat infosec john tool

Last synced: 04 Nov 2024

https://github.com/initstring/passphrase-wordlist

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

hacking infosec password-cracking penetration-testing pentesting wordlist

Last synced: 15 Dec 2024

https://github.com/Bert-JanP/Hunting-Queries-Detection-Rules

KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

azure blueteam cybersecurity defender-for-endpoint dfir infosec kql mde mdi misp security sentinel threat-hunting vulnerability-management zero-day

Last synced: 02 Nov 2024

https://github.com/tomchop/malcom

Malcom - Malware Communications Analyzer

dfir infosec malware malware-analysis network-traffic pcap threat-intelligence

Last synced: 15 Dec 2024

https://github.com/i-am-jakoby/powershell-for-hackers

This repository is a collection of powershell functions every hacker should know

badusb badusb-payloads flipperzero hak5 infosec penetration-testing pentesting powershell powershell-script

Last synced: 20 Dec 2024