Information Security
apk-mitm A CLI application that automatically prepares Android APK files for HTTPS inspection Inspecting a mobile app’s HTTPS traffic using a proxy is probably the easiest way to figure out how it works. However,...
Slack Watchman Slack Watchman is an application that uses the Slack API to look for potentially sensitive data exposed in your Slack workspaces. Features It searches for, and reports back on: Externally shared channels...
Jaeles is a powerful, flexible, and easily extensible framework written in Go for building your own Web Application Scanner. Changelog v0.13-beta Refactor jaeles config commands. Added –at option to enable always true detection for an observed...
What is CTFd? CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it’s easy to customize with plugins...
The OWASP Zed Attack Proxy (ZAP) is easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security...
Mondoo Mondoo is a natural language query system for scanning, deploying, and remediating your cloud-native applications. Feature Insights into your fleet Ask questions about your deployments and get answers. Simple questions are answered using...
iox Tool for port forward & intranet proxy, just like lcx/ew, but better Why write? lcx and ew are awesome but can be improved. when I first used them, I can’t remember these complicated parameters for...
Scout Scout is a URL fuzzer for discovering undisclosed files and directories on a web server. A full word list is included in the binary, meaning maximum portability and minimal configuration. Aim and fire!...
tfsec tfsec uses static analysis of your terraforms templates to spot potential security issues. Now with terraform v0.12+ support. Features Checks for sensitive data inclusion across all providers Checks for violations of AWS, Azure...
shad0w SHAD0W is a modular C2 framework designed to successfully operate in mature environments. It will use a range of methods to evade EDR and AV while allowing the operator to continue using tooling...
Suggested Reading