pedes
Follow
π Security
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the β¦
Secure Software Development Fundamentals courses (from the OpenSSF Best Practices WG)
OpenSSF Scorecard - Security health metrics for Open Source
A simple zero-config tool to make locally trusted development certificates with any names you'd like.
A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, seβ¦
RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
Proactive, Open source API security β API discovery, API Security Posture, Testing in CI/CD, Test Library with 1000+ Tests, Add custom tests, Sensitive data exposure
Practical Ethical Hacking Labs π‘π‘
β‘ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes β‘
π Join us for 30days of daily API security tests. #30days30tests We've spent last 120days building amazing API security tests for the community. Next 30 days we will post test tutorials here.
π A toolkit for testing, tweaking and cracking JSON Web Tokens
Metlo is an open-source API security platform.
This challenge is Inon Shkedy's 31 days API Security Tips.
A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.
Fast and light-weight API proxy firewall for request and response validation by OpenAPI specs.
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Software to identify the different types of hashes used to encrypt data and especially passwords
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Tools & Interesting Things for RedTeam Ops
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), arβ¦