Vulnerability Static Analysis for Containers

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

2018 - Vulnerable App for Demos/Training and Workshops

Sysmon configuration file template with default high-quality event tracing

OWASP Juice Shop: Probably the most modern and sophisticated insecure web application

Mixeway is security orchestrator for vulnerability scanners which enable easy plug in integration with CICD pipelines. MixewayHub project contain one click docker-compose file which configure and r…

Testing TLS/SSL encryption anywhere on any port

Erlang SAML library, SSO and SLO, with Cowboy integration

elixir snowflake client

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

Coherence is a full featured, configurable authentication system for Phoenix. It works with Phoenix 1.4

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Penetration Testing Biggest Reference Bank - OSCP / PTP & PTX Cheatsheet

A collective list of public JSON APIs for use in security. Contributions welcome

Checklist of the most important security countermeasures when designing, testing, and releasing your API

OWASP API Security Project

Easily turn single threaded command line applications into a fast, multi-threaded application with CIDR and glob support.

A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

This tool can be used to enumerate the subdomains associated with a company by aggregating the results of multiple OSINT (Open Source Intelligence) tools.

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security development, testing and reverse engineering.

This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 2000 links & 2000 pdf files at any time …

In-depth DNS Enumeration and Network Mapping

A Tool for Domain Flyovers

Most advanced XSS scanner.

Elixir Plug library to enable SAML 2.0 SP SSO in Phoenix/Plug applications.

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

Git All the Payloads! A collection of web attack payloads.