storbeck
Follow
Stars
LazyOwn RedTeam/APT Framework is the first RedTeam Framework with an AI-powered C&C, featuring rootkits to conceal campaigns, undetectable malleable implants compatible with Windows/Linux/Mac OSX, β¦
π + π― + π = Everything you need to query Apple's FindMy network!
Real-time Certificate Transparency log monitor built in Go. Track SSL/TLS certificate issuance across the internet with live updates, regex-based filtering, and color-coded output.
Generate realistic IT security alert voicemails using GPT-4 for scripting and ElevenLabs for AI voice synthesis. A Go-based tool for crafting professional-grade alerts with customizable details andβ¦
β‘ Perform subdomain enumeration using the certificate transparency logs from Censys.
Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wisβ¦
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
The most opinionated Go source code linter for code audit.
A collection of my Semgrep rules to facilitate vulnerability research.
Semgrep queries developed by Trail of Bits.
A source code analyzer built for surfacing features of interest and other characteristics to answer the question 'What's in the code?' quickly using static analysis with a json based rules engine. β¦
DevSkim is a set of IDE plugins, language analyzers, and rules that provide security "linting" capabilities.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static aβ¦
π A curated list of awesome .cursorrules files
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
This tool will check for Sensitive Data Leakage with some useful patterns/RegEx. The patterns are mostly targeted on waybackdata and filter everything accordingly.
π‘ PoC auto collect from GitHub.
Collection of methodology and test case for various web vulnerabilities.
Open Source Vulnerability Management Platform
Web vulnerability scanner written in Python3
π π Find secrets and passwords in container images and file systems π π
SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.
SubDominator helps you discover subdomains associated with a target domain efficiently and with minimal impact for your Bug Bounty
External monitoring for organization assets
Making Favicon.ico based Recon Great again !
All about bug bounty (bypasses, payloads, and etc)
List of Awesome Offensive Tools written in GO