Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Go

Ruby

Elixir

Clojure

C

Zig

MATLAB

HTML

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Zig

Racket

F#

Groovy

Crystal

Dart

Ruby

PowerShell

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇯🇪 Jersey

🇨🇱 Chile

🇻🇳 Vietnam

🇳🇦 Namibia

🇸🇪 Sweden

🇸🇧 Solomon Islands

🇹🇷 Türkiye

🇻🇺 Vanuatu

All Countries Compare Countries

kh4sh3i/Cloud-Flaws-CTF

Stars
5
Rank 2,861,937 (Top 57 %)
Language
License
Creative Commons ...
Created over 2 years ago
Updated over 2 years ago

kh4sh3i/Cloud-Flaws-CTF

kh4sh3i

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

flAWS.cloud and flAWS2.cloud Interactive tutorial/CTFs to learn common AWS security mistakes.

ICS-Pentesting-Tools

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing

smartrecon

smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter

cloud-penetration-testing

A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud

Ransomware-Samples

Small collection of Ransomware organized by family.

bug-bounty-writeups

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

exchange-penetration-testing

The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)

Apache-Tomcat-Pentesting

Apache Tomcat exploit and Pentesting guide for penetration tester

Penetration-Testing-Interview-Questions

Penetration Testing Interview Questions

wifi-password-stealer

steal saved wifi passwords in a computer & ip of target then report them through email.

Application-Security-Interview-Questions

Here are some common interview questions for an application security position you can review for your own interview, along with example answers

Ransomware

Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As A Service and Ransomware protection technologies

Malware-Analysis

A curated list of awesome malware analysis tools and resources

security-mindmap

This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security Professional people

Spring-CVE

This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".

ProxyShell

CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-23131

Zabbix - SAML SSO Authentication Bypass

xmlrpc-exploit

Exploiting the xmlrpc.php on all WordPress versions

FFUF-Tricks

Describe how to use ffuf different options with examples

DDoS-Attack

DDoS Attack and type of ddos attack and ddos mitigation approach

ElasticSearch-Pentesting

ElasticSearch exploit and Pentesting guide for penetration tester

Shodan-Dorks

a curated list of shodan dorks for finding sensitive data in shodan.io

Active-Directory-Attacks

A curated list of awesome Active Directory Penetration Testing and attack resources

DevSecOps

Collection and Roadmap for everyone who wants DevSecOps, contains list of tools and methodologies

Smishing-Botnets

Smishing Botnets Going Viral in Iran

Cyber-Threat-Hunting

A curated list of threat detection and hunting resources

Bug-Hunting-Handbook

Bug Hunting Handbook

Nextcloud-Pentesting

Nextcloud exploit and Pentesting guide for penetration tester

Fresh-Resolvers

List of fresh DNS resolvers updated daily

bruteforce-http-authentication

Bruteforce HTTP Authentication. Supports: Basic HTTP authentication ,Digest HTTP authentication

ProxyLogon

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)

RabbitMQ-Pentesting

RabbitMQ exploit and Pentesting guide for penetration tester

CVE-2022-26134

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)

PHP-Interview-Questions

a curated list of php interview questions and answers

cyber-attacks-in-iran

A curated list of awesome cyber attacks in iran, we want to review and explain some advanced attack that happened in iran, in order to learned some security tips.

Webmin-CVE

a Curated list of Webmin vulnerability for penetration tester

open-DNS-resolver

DNS Open resolvers or Open DNS resolver vulnerability are type of DNS amplification attack.

Python-Interview-Questions

a curated list of Python interview questions and answers

CVE-2023-38646

Metabase Pre-auth RCE (CVE-2023-38646)

Gitlab-CVE

a Curated list of gitlab vulnerability

GitLab-SSRF-CVE-2021-22214

POC for CVE-2021-22214: Gitlab SSRF

FortiWeb

FortiWeb is a web application firewall (WAF)

kh4sh3i

CKEditor-Pentesting

Grafana-CVE

a Curated list of Grafana Security Vulnerabilities, CVE & exploit

Favicon-Hash

Calculate Favicon Hash for Shodan

Splunk

a useful tutorial about splunk and security splunk app

97-Tests-for-Authentication-API

97 JSON Tests for Authentication Endpoints

Redis-Pentesting

Redis exploit and Pentesting guide for penetration tester

CVE-2021-30573

Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruption