This is your work, valued

India

Ishaq Mohammed

Elite
@security-prince

AppSec Enthusiast

Application-Security-Engineer-Interview-Questions. Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

688

PWK-OSCP-Preparation-Roadmap. Roadmap for preparing for OSCP, anyone is free to use this, and also feedback and contributions are welcome

392

Resources-for-Application-Security. Some good resources for getting started with application security

149

Browser-Security-Research. Resources for Browser Security Research

60

MavenDependencyCheck. An automation script to run OWASP Dependency-Check on multiple Maven Based projects.

6

security_whitepapers. Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi

3

companies-hiring-security-remote. This repo is meant to be a list of companies that hire security people full remote.

2

awesome-infosec. A curated list of awesome infosec courses and training resources.

2

computer-science. :mortar_board: Path to a free self-taught education in Computer Science!

2

security-1. A collection of software, libraries, documents, books, resources and cools stuffs about security.

2

awesome-internet-scanning. A curated list of awesome Internet port and host scanners, plus related components and much more, with a focus on free and open source projects.

2

A-Good-Cyber-Security-List. HTML

2

awesome-threat-modelling. A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

1

InfoSec-Learning-Materials. Resource for developing infosec skills for OSCP

1

awesome-browser-exploit. awesome list of browser exploitation tutorials

1

OSCP-1. OSCP cheet sheet

1

Web-CTF-Cheatsheet. Web CTF CheatSheet 🐈

1

Red-Teaming-Toolkit. A collection of open source and commercial tools that aid in red team operations.

1

DevopsWiki. A wiki of Devops Tools, Tutorials and Scripts

1

quick-SQL-cheatsheet. A quick reminder of all SQL queries and examples on how to use them.

1

awesome-code-review. An "Awesome" list of code review resources - articles, papers, tools, etc

1

awesome-distributed-systems-1. Awesome list of distributed systems resources

1

OSCP-Archives. An archive of everything related to OSCP

1

exploit-database-bin-sploits. Exploit Database binary exploits located in the /sploits directory

1

Free-Security-eBooks. Free Security and Hacking eBooks

1

google-ctf. Google CTF challenges

1

Cheatsheet. Python

1

Library-Management-System. Library Management System

1

phpstan. PHP Static Analysis Tool - discover bugs in your code without running it!

1

developer-roadmap. Roadmap to becoming a web developer in 2018

1

Awesome-Red-Teaming. List of Awesome Red Teaming Resources

1

Mirai-Source-Code. Leaked Mirai Source Code for Research/IoC Development Purposes

1

H5SC. HTML5 Security Cheatsheet - A collection of HTML5 related XSS attack vectors

1

OWASP-Web-Checklist. OWASP Web Application Security Testing Checklist

1

kurukshetra. Kurukshetra - A framework for teaching secure coding by means of interactive problem solving.

1

every-programmer-should-know. A collection of (mostly) technical things every software developer should know

1

PracticalMalwareLabs. Keep track of the labs from the book "Practical Malware Analysis"

1

Reconnoitre. A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results along with writing out recommendations for further testing.

1

IoTSecurity101. From IoT Pentesting to IoT Security

1

dirtycow.github.io. Dirty COW

1

pocs. Proof of Concepts (PE, PDF...)

1

ctf. Python

1

nullmumbai08-10-16. SQL injection, CSRF, brute force and image upload vulnerability hack scripts and safeguarding scripts

1

how2heap. A repository for learning various heap exploitation techniques.

1

MavenDependencyCheck-Golang. Go

1