Skip to content
View Arzleck's full-sized avatar
3 followers · 1 following

Block or report Arzleck

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

DataDog / stratus-red-team

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Go 2,185 271 Updated Nov 1, 2025

secureworks / family-of-client-ids-research

Research into Undocumented Behavior of Azure AD Refresh Tokens

Python 323 38 Updated Feb 23, 2024

VirtueSecurity / IAMhounddog

A tool to help pentesters quickly identify privileged principals and second-order privilege escalation opportunities in unfamiliar AWS accounts.

Go 130 13 Updated Sep 16, 2025

yo-yo-yo-jbo / dumping_lsass

The different ways to dump lsass

C 195 24 Updated Aug 15, 2025

projectdiscovery / nuclei

Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the …

Go 25,383 2,937 Updated Nov 10, 2025

OWASP / OFFAT

The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving to…

Python 654 86 Updated Sep 19, 2025

microsoft / restler-fuzzer

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services.

Python 2,829 325 Updated Oct 15, 2025

blst-security / cherrybomb

Stop half-done APIs! Cherrybomb is a CLI tool that helps you avoid undefined user behaviour by auditing your API specifications, validating them and running API security tests.

Rust 1,222 83 Updated Oct 25, 2024

dockur / windows

Windows inside a Docker container.

Shell 48,455 3,652 Updated Nov 7, 2025

cisagov / thorium

A scalable file analysis and data generation platform that allows users to easily orchestrate arbitrary docker/vm/shell tools at scale.

Rust 959 114 Updated Nov 7, 2025

BishopFox / sj

A tool for auditing endpoints defined in exposed (Swagger/OpenAPI) definition files.

Go 708 97 Updated Sep 19, 2025

assetnote / kiterunner

Contextual Content Discovery Tool

Go 3,005 327 Updated Apr 29, 2024

OWASP / API-Security

OWASP API Security Project

Dockerfile 2,213 396 Updated Dec 31, 2024

shieldfy / API-Security-Checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

23,087 2,663 Updated May 7, 2025

arainho / awesome-api-security

A collection of awesome API Security tools and resources. The focus goes to open-source tools and resources that benefit all the community.

3,551 574 Updated Apr 11, 2025

erev0s / VAmPI

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing

Python 1,041 467 Updated Nov 25, 2024

intruder-io / autoswagger

Autoswagger by Intruder - detect API auth weaknesses

Python 1,633 148 Updated Aug 8, 2025

R-s0n / cloud_enum

Forked from initstring/cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

Python 16 1 Updated Jul 11, 2025

absolomb / FindMeAccess

Python 126 22 Updated Jul 7, 2025

slowmist / MCP-Security-Checklist

A comprehensive security checklist for MCP-based AI tools. Built by SlowMist to safeguard LLM plugin ecosystems.

764 63 Updated Apr 28, 2025

ChrisTitusTech / winutil

Chris Titus Tech's Windows Utility - Install Programs, Tweaks, Fixes, and Updates

PowerShell 42,584 2,266 Updated Nov 8, 2025

carlospolop / CloudPEASS

Python 579 61 Updated Aug 28, 2025

roottusk / vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.

HTML 1,306 328 Updated Jan 10, 2025

securesloth / noCAP

Lightweight security tool for auditing your organization's Conditional Access Policies (CAPs) in Microsoft Entra ID for potential misconfigurations.

Python 76 5 Updated Feb 25, 2025

HuskyHacks / cazadora

Simple hunting script for suspicious M365 OAuth Apps

Python 312 31 Updated Sep 23, 2025

microsoft / Microsoft-Win32-Content-Prep-Tool

A tool to wrap Win32 App and then it can be uploaded to Intune

1,270 259 Updated Aug 13, 2025

SecurityAura / Aura-Research

Repo that hold write-ups of various research projects I did and/or overall InfoSec things I investigated/researched.

HTML 21 4 Updated Jan 5, 2025

microsoft / markitdown

Python tool for converting files and office documents to Markdown.

Python 82,790 4,686 Updated Oct 20, 2025

osintmatter / RequestShield

RequestShield is a 100% Free and OpenSource tool designed to analyze HTTP access.logs and identify suspicious HTTP requests and potential security threats. It uses factors like geolocation, abuse h…

Python 105 8 Updated Dec 2, 2024

ly4k / Certipy

Tool for Active Directory Certificate Services enumeration and abuse

Python 3,232 434 Updated Sep 30, 2025
Next