Stoeps' Links
Picture Wall - 65 pics
GitHub - leondz/garak: LLM vulnerability scanner
Windows for Pentester: Certutil - Hacking Articles
GitHub - d78ui98/APKDeepLens: Android security insights in full spectrum.
GitHub - helm/chart-testing: CLI tool for linting and testing Helm charts
Getting started with SELinux :: Fedora Docs
Kubernetes LAN Party - by Wiz
GitHub - vulnersCom/trivy-plugin-vulners-db
README - Pentester's Promiscuous Notebook
GitHub - vdohney/keepass-password-dumper: Original PoC for CVE-2023-32784
GitHub - BishopFox/unredacter: Never ever ever use pixelation as a redaction technique
How to Secure Kubernetes with KubeLinter - The New Stack
GitHub - StevenBlack/hosts: 🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
GitHub - Rolix44/Kubestroyer: Kubernetes exploitation tool
Hillai Ben-Sasson (@hillai): "I hacked into a @Bing CMS that allowed me to alter search results and take over millions of @Office365 accounts. How did I do it? Well, it all started with a simple click in @Azure… 👀 This is the story of #BingBang 🧵⬇️"
OWASP Kubernetes Top 10 – Sysdig
GitHub - 9oelM/elasticpwn: Quickly collect data from thousands of exposed Elasticsearch or Kibana instances and generate a report to be analysed.
GitHub - OWASP/wrongsecrets: Vulnerable app with examples showing how to not use secrets
GitHub - cipher387/OSINT-and-Cybersecurity-accounts-in-Mastodon: This repository brings together tool builders, bloggers, speakers, book authors, and other interesting Mastodon accounts
Run OWASP juice shop as a Kubernetes service
HackTricks - HackTricks
Pentest Everything - Pentest Everything
GitHub - TalEliyahu/awesome-security-newsletters: Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
GitHub - arkenfox/user.js: Firefox privacy, security and anti-tracking: a comprehensive user.js template for configuration and hardening
Current hacker attacks in Germany - an overview
First Bug in Bugcrowd Using Github Dork
Forging GraphQL Bombs, the 2022 version of Zip Bombs
GitHub - Escape-Technologies/awesome-graphql-security: A curated list of awesome GraphQL Security frameworks, libraries, software and resources
GitHub - Proviesec/google-dorks: Useful Google Dorks for WebSecurity and Bug Bounty
Trivy v0.29.0 Release: RBAC, Helm, Custom Extensions, and More
Smashing the Modern Web Tech Stack — Part 1: The Evolving Threat Landscape in 2022 and DOM-based XSS in Cloud-Native React Apps. | by MalwareJoe
ThorstenHans/mask: A simple CLI to hide sensitive information from STDOUT
whatfiles: Log what files are accessed by any Linux process
GitHub - AppThreat/dep-scan: Fully open-source security audit for project dependencies based on known vulnerabilities and advisories. Supports both local repos and container images. Integrates with various CI environments such as Azure Pipelines, CircleCI, Google CloudBuild. No server required!
GitHub - TCM-Course-Resources/Open-Source-Intellingence-Resources: Compilation of Resources from TCM's OSINT Course
Watch "BlueHat Seattle 2019 Kubernetes Practical Attack and Defense" on YouTube
GitHub - cybersecsi/RAUDI: A repo to automatically generates and keep updated a series of Docker images through GitHub Actions.
GitHub - sc0tfree/updog: Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth.
GitHub - CCob/lsarelayx: NTLM relaying for Windows made easy
Threat matrix for Kubernetes
Blocking Web Fonts for Speed and Privacy
Kubernetes Goat
Meet HackerOne: The New Way of Doing Security - YouTube
GitHub - frida/frida-npapi: Frida browser plugin for NPAPI-compatible browsers
GitHub - appvia/krane: Kubernetes RBAC static Analysis & visualisation tool
madhuakula/kubernetes-goat: Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
OWASP ZAP
Bug Bytes #94 - Breaking Symfony apps, Why Cyber Security is so hard to learn & how best to approach it - Intigriti
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
Exploiting CORS. With a real-world example: | by Gupta Bless
Bug Bytes #90 - The impossible XSS, Burp Pro tips & A millionaire on bug bounty and meditation - Intigriti
Corsy v1.0 - CORS Misconfiguration Scanner
danielmiessler/SecLists: SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
OWASP Vulnerable Web Application
chenjj/CORScanner: Fast CORS misconfiguration vulnerabilities scanner🍻
bloomberg/powerfulseal: A powerful testing tool for Kubernetes clusters.
Every Type of XSS Attack, Explained - YouTube
k8s-security/README.md at master · kabachook/k8s-security
nahamsec/Resources-for-Beginner-Bug-Bounty-Hunters: A list of resources for those interested in getting started in bug bounties
security-cheatsheet/reverse-shell-cheatsheet: 🙃 Reverse Shell Cheat Sheet 🙃
How to Hunt Bugs in SAML; a Methodology - Part I
GitHub - enjoiz/XXEinjector: Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
GitHub - BuffaloWill/oxml_xxe: A tool for embedding XXE/XML exploits into different filetypes
XXE Payloads · GitHub
GitHub - enaqx/awesome-pentest: A collection of awesome penetration testing resources, tools and other shiny things
Listing of a number of useful Google dorks. · GitHub