senhasegura Identity Threat Labs is a premier threat intelligence center specializing in predictive analysis of identity-focused attack vectors. Using reverse engineering, malware analysis, and thr…

When conducting a web application penetration test there are times when you want to be able to pivot through a system to which you have gained access, to other systems in order to continue testing.…

Understanding attack paths is paramount for developing effective cybersecurity strategies. By dissecting potential routes, organizations can implement targeted security measures. These may include …

Malicious PDF files recently considered one of the most dangerous threats to the system security. The flexible code-bearing vector of the PDF format enables to attacker to carry out malicious code …

This Python script checks for the CVE-2024-6387 vulnerability in OpenSSH servers. It supports multiple IP addresses, URLs, CIDR ranges, and ports. The script can also read addresses from a file.

In an era where digital security is crucial, a new vulnerability in OpenSSH, identified as CVE-2024-6387, has drawn the attention of system administrators and security professionals worldwide. Name…

Reverse Engineer's Toolkit

A curated list of resources for learning about Web3

A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools

A suite for hunting suspicious targets, expose domains and phishing discovery

Principios e Boas Práticas sobre Desenvolvimento Seguro

APIDetector: Efficiently scan for exposed Swagger endpoints across web domains and subdomains. Supports HTTP/HTTPS, multi-threading, and flexible input/output options. Ideal for API security testing.

🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List

A curated list of tools for incident response

Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.

Graph-based security analysis for everyone

game of active directory

Programming secure connections in Python and Java

The parent project for OpenZiti. Here you will find the executables for a fully zero trust, application embedded, programmable network @OpenZiti

A curated list of resources for learning about application security

A list of web application security

Ultimate DevSecOps library

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

Esse guia contém todas as informações necessárias para se introduzir na área de segurança da informação, dessa maneira, você encontrará, cursos, indicações de livros, roadmaps, playlists, certifica…

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.

k8spacket - collects TCP traffic and TLS connection metadata in the Kubernetes cluster using eBPF and visualizes in Grafana

Main Sigma Rule Repository

Splunk Security Content

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security