A collective list of free APIs

FastAPI framework, high performance, easy to learn, fast to code, ready for production

Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

real time face swap and one-click video deepfake with only a single image

Odoo. Open Source Apps To Grow Your Business.

中文独立博客列表

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the contr…

Custom Selenium Chromedriver | Zero-Config | Passes ALL bot mitigation systems (like Distil / Imperva/ Datadadome / CloudFlare IUAM)

The recursive internet scanner for hackers. 🧡

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

Hunt for security weaknesses in Kubernetes clusters

Stalk your Friends. Find their Instagram, FB and Twitter Profiles using Image Recognition and Reverse Image Search.

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

The Leading Security Assessment Framework for Android.

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

A Python library to access Instagram's private API.

Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.

A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

A collection of Azure AD/Entra tools for offensive and defensive security purposes

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

Test tool for CVE-2020-1472

Repository for the Lemur Certificate Manager

Run PowerShell command without invoking powershell.exe

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

A tool for quickly evaluating IAM permissions in AWS.

A tool to scan Kubernetes cluster for risky permissions