Automating situational awareness for cloud penetration tests.

Checks whether a domain is hosted on a cloud service such as AWS, Azure or CloudFlare

Multi-Cloud Security Auditing Tool

Clone this repo to build Frida

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

A collection of real-world threat model examples across various technologies, providing practical insights into identifying and mitigating security risks.

A Pythonic framework for threat modeling

gpxplotter reads gpx files and makes some simple plots.

GFPGAN aims at developing Practical Algorithms for Real-world Face Restoration.

Some Python tooling to for example try to decrypt CyberArk .cred credential files

A tool for quickly evaluating IAM permissions in AWS.

NessusV2 File Parser

A glossy Matrix collaboration client for the web.

Script that organizes the Google Takeout archive into one big chronological folder

Network Analysis Tool

OneForAll是一款功能强大的子域收集工具

sslscan tests SSL/TLS enabled services to discover supported cipher suites

Testing TLS/SSL encryption anywhere on any port

In-depth attack surface mapping and asset discovery

A collection of various awesome lists for hackers, pentesters and security researchers

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Directory/File, DNS and VHost busting tool written in Go

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

Security auditing tool for AWS environments

A curated list of awesome awesomeness

😎 Awesome lists about all kinds of interesting topics

A curated list of awesome Monzo related things

Responsive dashboard templates 📊✨