continuous-threat-modeling
command-injection-payload-list
continuous-threat-modeling | command-injection-payload-list | |
---|---|---|
1 | 2 | |
288 | 2,582 | |
0.0% | 0.0% | |
0.0 | 0.0 | |
almost 2 years ago | over 1 year ago | |
GNU General Public License v3.0 or later | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
continuous-threat-modeling
-
Building security in to Agile Srpints
Also checkout the DevSLOp YouTube channel, autodesks continuous threat modeling at https://github.com/Autodesk/continuous-threat-modeling and OWASPs ASVS. That should set you up quite nicely.
command-injection-payload-list
-
practical command injection - command injection room
Nothing I do is working. The payloads discussed during the room are not working. Nothing in this cheat sheet is working either https://github.com/payloadbox/command-injection-payload-list
-
Help with L11C8 / Level 11 Challenge 8 / Cryptonite
Was able to solve using one of the commands from this list and modifying. https://github.com/payloadbox/command-injection-payload-list. Can't believe I didn't try it earlier.
What are some alternatives?
can-i-take-over-xyz - "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
RockYou2021.txt - RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
sql-injection-payload-list - 🎯 SQL Injection Payload List
bugbounty-cheatsheet - A list of interesting payloads, tips and tricks for bug bounty hunters.
UnSAFE_Bank - Vulnerable Banking Suite
maruos - Your phone is your PC.
ecr-scan-reporter - Simple collection of tiny AWS Lambda Function that help with monitoring of ECR repositories.
HowToHunt - Collection of methodology and test case for various web vulnerabilities.
apparmor-profiles - Improve your system's security.
herpaderping - Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
awesome-OS - A collection of all big and small open-source projects and clones of Linux, Windows, and macOS operating system and their software. [Moved to: https://github.com/zriyansh/awesome-OS]
z - 〽️ 浮之静