Picture Wall - 460 pics
GitHub - AppThreat/dep-scan: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, Google CloudBuild. No server required!
the_cyber_plumbers_handbook/cph_version_1.4_20210829.pdf at master · opsdisk/the_cyber_plumbers_handbook · GitHub
GitHub - TCM-Course-Resources/Open-Source-Intellingence-Resources: Compilation of Resources from TCM's OSINT Course
Ngrok for Penetration Tester’s. Exposing Your Local Pen Test Tools… | by Alexis Rodriguez | Geek Culture
GitHub - ibraheemdev/modern-unix: A collection of modern/faster/saner alternatives to common unix commands.
GitHub - cybersecsi/RAUDI: A repo to automatically generates and keep updated a series of Docker images through GitHub Actions.
GitHub - sc0tfree/updog: Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
GitHub - MaggieAppleton/digital-gardeners: Resources, links, projects, and ideas for gardeners tending their digital notes on the public interwebs
GitHub - flant/shell-operator: Shell-operator is a tool for running event-driven scripts in a Kubernetes cluster
GitHub - trustedsec/unicorn: Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
GitHub - byt3bl33d3r/Red-Baron: Automate creating resilient, disposable, secure and agile infrastructure for Red Teams
GitHub - trustedsec/ptf: The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.
GitHub - mergebase/log4j-detector: Scanner that detects vulnerable Log4J versions (CVE-2021-44228, CVE-2021-45046, etc) on your file-system within any application. It is able to even find instances that are hidden several layers deep. Works on Linux, Windows, and Mac, and everywhere else Java runs, too!
‘Log4Shell’ vulnerability poses critical threat to applications using ‘ubiquitous’ Java logging package Apache Log4j
GitHub - welk1n/JNDI-Injection-Exploit: JNDI注入测试工具（A tool which generates JNDI links can start several servers to exploit JNDI Injection vulnerability,like Jackson,Fastjson,etc）
mundimark/awesome-markdown: A collection of awesome markdown goodies (libraries, services, editors, tools, cheatsheets, etc.)
emanuelpina/emanuelpina.pt: My blog built with Hugo - data/blogroll.yaml at c069b4823615f1147af4f2a02f7e1f0b4594376f - emanuelpina.pt - Codeberg.org
GitHub - pawelmalak/flame: Flame is self-hosted startpage for your server. Easily manage your apps and bookmarks with built-in editors.
ChristianChiarulli/LunarVim: An IDE layer for Neovim with sane defaults. Completely free and community driven.
GitHub - graphql-editor/graphql-editor: 📺 Visual Editor & GraphQL IDE. Draw GraphQL schemas using visual 🔷 nodes and explore GraphQL API with beautiful UI. Even 🐒 can do that!
ChopChop - ChopChop Is A CLI To Help Developers Scanning Endpoints And Identifying Exposition Of Sensitive Services/Files/Folders
luochen1990/rainbow: Rainbow Parentheses Improved, shorter code, no level limit, smooth and fast, powerful configuration.
GitHub - rmehri01/onenord.nvim: 🏔️ A Neovim theme that combines the Nord and Atom One Dark color palettes for a more vibrant programming experience.
GitHub - outflanknl/RedELK: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
GitHub - external-secrets/kubernetes-external-secrets: Integrate external secret management systems with Kubernetes
A Thread from @SecurityJon: "I’ve been doing a bit of work recently, attacking laptops that are protected by Microsoft Bitlocker drive [...]"
kaiiyer/awesome-vulnerable: A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
haidaraM/ansible-playbook-grapher: A command line tool to create a graph representing your Ansible playbook tasks and roles
GitHub - mrousavy/Colorwaver: An app to detect color palettes in the real world - powered by VisionCamera
Coc Tailwind Intellisense - Coc.nvim extension for Tailwind CSS IntelliSense - (coc-tailwind-intellisense)
GitHub - bep/hugo-starter-tailwind-basic: A basic and simple to set up Hugo with TailwindCSS starter project.
GitHub - dirkolbrich/hugo-theme-tailwindcss-starter: Starter files for a Hugo theme with Tailwindcss
GitHub - seebye/ueberzug: ueberzug is a command line util which allows to display images in combination with X11
GitHub - d0c-s4vage/lookatme.contrib.image_ueberzug: An in-development lookatme extension that uses ueberzug and urwid_ueberzogen to add image rendering support
Learn Kubernetes in Under 3 Hours: A Detailed Guide to Orchestrating Containers | by Rinor Maloku | We’ve moved to freeCodeCamp.org/news | Medium
DB2 Upgrade , Oracle Compatibility Mode Issue trouble shoot: How Load/Import would work in case of RAW data in DB2
Visualizing Kubernetes Resources. To help users identify these issues… | by Lauri Nevala | Jul, 2021 | Medium
GitHub - bee-san/pyWhat: 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
madhuakula/kubernetes-goat: Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
ajxchapman/ReServ: A set of simple servers (currently HTTP/HTTPS and DNS) which allow configurable and scriptable responses to network requests.
Why Cloudflare’s CAPTCHA replacement with FIDO2/WebAuthn is a really bad idea | by Ackermann Yuriy | May, 2021 | Medium
SQL Indexing and Tuning e-Book for developers: Use The Index, Luke covers Oracle, MySQL, PostgreSQL, SQL Server, ...
How are docker images built? A look into the Linux overlay file-systems and the OCI specification - DEV Community
WSL2/HyperV additional disk is created in incorrect directory and it is not cleaned/fails on reup · Issue #12069 · hashicorp/vagrant
e-book-template: Template project for creating a book with Asciidoctor with a pleasant authoring experience based on Gradle watch (continuous build) + BrowserSync for live reloading
GitHub - graysky2/profile-sync-daemon: Symlinks and syncs browser profile dirs to RAM thus reducing HDD/SDD calls and speeding-up browsers.
Bug Bytes #94 - Breaking Symfony apps, Why Cyber Security is so hard to learn & how best to approach it - Intigriti
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
Bug Bytes #92 - Pwning Apple for three months, XSS in VueJS, Hacking Salesforce Lightning & Unicode byͥtes - Intigriti
running-elasticsearch-fun-profit/006-operating-daily.md at master · fdv/running-elasticsearch-fun-profit · GitHub
Bug Bytes #91 - The shortest domain, Weird Facebook authentication bypass & GitHub Actions secrets - Intigriti
How to Create a Runbook: A Guide for Sysadmins & MSPs | Process Street | Checklist, Workflow and SOP Software
Hetty is an HTTP toolkit for security research. It aims to become an open source alternative to commercial software like Burp Suite Pro, with powerful features tailored to the needs of the infosec and bug bounty community.
Bug Bytes #90 - The impossible XSS, Burp Pro tips & A millionaire on bug bounty and meditation - Intigriti
GitHub - tanprathan/MobileApp-Pentest-Cheatsheet: The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
k8s-practice-questions/practice-questions-with-solutions.md at master · ipochi/k8s-practice-questions
danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
krzko/awesome-cka: ☸️ A curated list for awesome resources needed to pass your Certified Kubernetes Administrator (CKA) exam.
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for those interested in getting started in bug bounties
GitHub - enjoiz/XXEinjector: Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
GitHub - enaqx/awesome-pentest: A collection of awesome penetration testing resources, tools and other shiny things
GitHub - djadmin/awesome-bug-bounty: A comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.