SniperPhish - The Web-Email Spear Phishing Toolkit
Platform to host Capture the Flag competitions.
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
A vulnerability scanner for container images and filesystems
CrackQL is a GraphQL password brute-force and fuzzing utility.
Data exfiltration utility for testing detection capabilities
this repository is a docker containing some "XSS vulnerability" challenges and bypass examples
🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs
Falco, the cloud-native runtime security project, is the de facto Kubernetes threat detection engine
Pipal, THE password analyser
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
Welcome to the OWASP WrongSecrets p0wnable app. With this app, we have packed various ways of how to not store your secrets. These can help you to realize whether your secret management is ok. The challenge is to find all the different secrets by means of various tools and techniques.
A DNS meta-query spider that enumerates DNS records, and subdomains
DNS Enumeration Script.
Find dns records in order to identify the Internet footprint of an organization. Recon that enables deeper security assessments and discovery of the attack surface.
Batch IP geolocation script
Communication template for security incident ! Utile !
Sur Internet, nul n’est à l’abri d’une action malveillante ou de messages non sollicités.
WebAuthn FIDO FIDO2 etc ...
OWASP Coraza WAF is a golang modsecurity compatible web application firewall library