My useful files for penetration tests, security assessments, bug bounty and other security related stuff
-
Updated
Jun 8, 2024 - Shell
Cybersecurity (security) includes controlling physical access to hardware as well as protection from attacks that come via network access, data injection, and code injection.
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
Asset inventory of over 800 public bug bounty programs.
Hardening Ubuntu. Systemd edition.
Security Onion is a free and open platform for threat hunting, enterprise security monitoring, and log management. It includes our own interfaces for alerting, dashboards, hunting, PCAP, and case management. It also includes other tools such as Playbook, osquery, CyberChef, Elasticsearch, Logstash, Kibana, Suricata, and Zeek.
The Official Key Croc Payload Repository
EMBA - The firmware security analyzer
Security automation content in SCAP, Bash, Ansible, and other formats
A free and open platform for detecting and preventing email attacks like BEC, malware, and credential phishing. Gain visibility and control, hunt for advanced threats, collaborate with the community, and write detections-as-code.
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
A collection of android security related resources. With repository stars⭐ and forks🍴
Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
A few utilities to work with JWTs.
SafeGuardian VPN - An Advanced Whonix Alternative Based on LXC Containers (use tor, wireguard,openvpn)
An ssh force-command script for restricting binaries executed by the Sandfly (https://www.sandflysecurity.com/) user.
This is a bash script which uses some of the major security tools used for bug bounty. And to automate everything.
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
My Privacy DNS #Matrix lists for blacklisting
Arsenal is a Simple shell script (Bash) used to install tools and requirements for Bug Bounty
Hastly written Tools & Scripts for Personal Use Cases & Bug Bounties
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.