netr0m
Follow
Lists (32)
AppSec π‘οΈ
Application Security relating directly to the (development of) code16 repositories
Architecture/Design
12 repositories
Cheatsheet ποΈ
A collection of various cheatsheets15 repositories
Courses π
6 repositories
CTF π΄
59 repositories
DevOps βΈοΈ
79 repositories
DevSecOps π‘οΈ
Application Security not relating directly to the development of code72 repositories
DevUtils π§°
52 repositories
go
GOLANG8 repositories
IaC ποΈ
Infrastructure as Code26 repositories
Infra
71 repositories
k8s
15 repositories
MiniMoon π
2 repositories
MobileDev π±
2 repositories
OSINT ποΈ
Open Source Intelligence44 repositories
PracticalDevSec
Practical resources for security during development of software38 repositories
Privacy π₯·
21 repositories
PyProj π
Tools and resources for Python projetcs32 repositories
RE/MA β£οΈ
Reverse Engineering / Malware Analysis56 repositories
Rice π
96 repositories
Rust π¦
10 repositories
Scanning πΊοΈ
Tools and resources for [security] scanning and enumeration69 repositories
SEC/blue π¦
Security tools and resources for the blue team [defensive]109 repositories
SEC/k8s
16 repositories
SEC/red π₯
Security tools and resources for the red team [offensive]263 repositories
SecOps#infra
Security relating to infrastructure56 repositories
SecWorkshop
30 repositories
SRE
Reliability2 repositories
SysAdmin 
Resources and tools for system administration
72 repositories
// TODO
112 repositories
vita
8 repositories
WebDev πΈοΈ
Tools and resources for web development79 repositories
Starred repositories
374
results
for sponsorable starred repositories
Clear filter
Vulnerable app with examples showing how to not use secrets
The OWASP Vulnerable Web Applications Directory project (VWAD) is a comprehensive and well maintained registry of all known vulnerable web applications currently available.
intentionally vuln web Application Security in django
The CRDT Yjs WebSocket backend for conflict-free real-time collaboration in your app.
Ebitengine - A dead simple 2D game engine for Go
Hijacking valid driver services to load arbitrary (signed) drivers abusing native symbolic links and NT paths
MagicRecon is a powerful shell script to maximize the recon and data collection process of an objective and finding common vulnerabilities, all this saving the results obtained in an organized way β¦
Web and mobile application security training platform
Extremely fast Vite-compatible web build tool written in Rust
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground π
π Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
π JavaScript diagramming library that uses SVG and HTML for rendering.
A very vulnerable web site written in NodeJS with the purpose of have a project with identified vulnerabilities to test the quality of security analyzers tools tools
An open source threat modeling tool from OWASP
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
A fuzzer for detecting open redirect vulnerabilities
The OWASP DevSecOps Guideline can help us to embedding security as a part of the development pipeline.
πΆ Kubernetes CLI To Manage Your Clusters In Style!
Fully open source, End to End Encrypted alternative to Google Photos and Apple Photos
XSS payloads designed to turn alert(1) into P1
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
JavaScript library for audio visualization. π
TypeScript implementation of TypeIDs: type-safe, K-sortable, and globally unique identifiers inspired by Stripe IDs
A fancy, easy-to-use and reactive self-hosted docker compose.yaml stack-oriented manager
yq is a portable command-line YAML, JSON, XML, CSV, TOML and properties processor
