BodgeIt Store
Vulnerable web application for beginners in penetration testing.
findmytakeover detects dangling DNS record in a multi-cloud environment by scanning all the DNS zones and infrastructure present within the configured cloud service provider. It finds the DNS record for which the infrastructure behind it does not exist anymore rather than using wordlist. It can easily detect and report potential subdomain takeovers that exist. This tool is not tested to run on non-commercial Cloud Service Provider regions like AWS GovCloud, Azure Government or Google for Government but should be able to run without any issues.
Vulnerable web application for beginners in penetration testing.
An open-source tool for finding security vulnerabilities, compliance issues, and infrastructure misconfigurations in infrastructure-as-code
A collection of resources for securing AWS environments using the CIS Amazon Web Services Foundations Benchmark 1.1
A GitHub App that monitors GitHub organizations or repositories for adherence to security best practices and detects policy violations.
Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.
Web-application vulnerability scanner with extensive coverage of security testing modules.