SecHub provides a central API to test software with different security tools.

Proactive, Open source API security → API discovery, Testing in CI/CD, Test Library with 150+ Tests, Add custom tests, Sensitive data exposure

A few utilities to work with JWTs.

Scan your web apps for vulnerabilities, misconfigurations, and other security issues with the Pentest-Tools.com command-line program.

Repository for the Packt Publishing book titled "Tools and Skills for .NET 8" by Mark J. Price

Presenting a wide range of more than 100 powerful BadUSB scripts exclusively designed for Mac OS & the Flipper Zero device. As the sole curator and maintainer of this repository. Your utilization of these scripts is highly valued, and I sincerely appreciate your support and enthusiasm!

Automated Adversary Emulation Platform

secureCodeBox (SCB) - continuous secure delivery out of the box

Cyber Security Notes, Methodology, Resources and Tips

A security tool designed to perform thorough scans on a target using OpenVAS, Zap, and Nexpose. It seamlessly consolidates and integrates the scan results, providing a comprehensive overview of the security vulnerabilities identified.

The WaS Riki Recon is a powerful and comprehensive tool designed for security and performance assessments of web assets. Whether you are a security professional, a web developer, or an enthusiast, this tool provides a user-friendly interface to perform a variety of tests, from checking security headers to discovering subdomains.

The IoT Security Testing Guide (ISTG) provides a comprehensive methodology for penetration tests in the IoT field, offering flexibility to adapt innovations, and developments in the IoT market while still ensuring comparability of test results.

This repository showcases my Software QA skills, from the fundamentals to advanced automation and security testing. Quickly assess my capabilities with a clear breakdown of my expertise in test case design, bug reporting, various testing techniques, and more.

An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses

Basic SAML identity provider for testing service providers

Community generated list of API security tests to find OWASP top10, HackerOne top 10 vulnerabilities

Generator of static files(csv, jpeg, png, pdf) for testing file upload. It can generate csv and png files of any number of bytes!

Chowkidar automates security scans, leveraging open-source tools to identify vulnerabilities. Users simply input project details to receive detailed, actionable reports, ensuring robust security with minimal effort.

one-stop resource for all things offensive security.

Security tools report parsers for Faradaysec.com