Sécurité

Scan git repos (or files) for secrets using regex and entropy 🔑 - zricethezav/gitleaks

WSTG - Latest on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.

Crackstation is the most effective hash cracking service. We crack: MD5, SHA1, SHA2, WPA, and much more...

My Javascript Recon Process - BugBounty. GitHub Gist: instantly share code, notes, and snippets.

🄷 🄰 🄲 🄺 🄴 🅁 🇲🇦 🇮🇹 🇪🇸 . m4ll0k has 13 repositories available. Follow their code on GitHub.

CVE® is a list of records — each containing an identification number, a description, and at least one public reference — for publicly known cybersecurity vulnerabilities. The mission of the CVE Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities.

Metasploit can handle everything from scanning to exploitation. In this article, we will take a look at what makes Metasploit the most…

A backdoor in our code that can perform OS injection is one of the most scary scenarios ever. Currently, npm has more than 1.2M of public packages available.

Check whether your online credentials have been comprised with our up to date personal data leak checker tool.

How to systematically secure anything: a repository about security engineering - veeral-patel/how-to-secure-anything

Holistic Security

You deserve privacy. Here's how to check your phone, laptop, and online accounts to make sure no one's looking over your shoulder.

Facebook. Google. Netflix. Sometimes your accounts get compromised, so it’s vital to understand the threats.

Selon Google, Tsunami est un scanner de réseau qui permet de détecter les vulnérabilités critiques avec le moins de faux positifs possible.

Today I'd like to talk about passwords. Yes, I know, passwords are the worst, but why? This is the first of a series of posts about passwords, with this one ...

Attackers try to take over user accounts for several reasons and through several different methods. Learn why ATOs occur and what you can do about them.

Quel élu ne s’est pas entendu demander si sa collectivité comptait opérer une transformation numérique ? Ou, tout simplement, de quelle façon les services de sa collectivité allaient se « numériser » ou « s’informatiser » ? De nos jours, la notion de territoire numérique apparaît de plus en plus incontournable. L’actualité quotidienne illustre la nécessité de cette maîtrise du numérique, plus particulièrement sous l’angle de la cybersécurité.

Vous envisagez de passer votre site web en HTTPS ? Pour y parvenir, vous avez besoin d’un certificat HTTPS délivré par une Autorité de Certification. Il vous suffit ensuite de suivre quelques étapes pour activer le protocole HTTPS sur votre site. Voici comment faire.

Tout site web doit garantir son identité et la confidentialité des informations transmises.

BLOGUE – Ce billet est la suite du billet « Avez-vous défini les critères de sécurité de vos applications web? ». En effet, après avoir défini ces critères de sécurité, il faut mettre en place quelques règles techniques pour protéger …

Recap of Bishop Fox's favorite penetration testing tools for 2020 including, Nuclei, Spyse Search Engine, Dufflebag, GadgetProbe, RMIScout and more.

MSCHF Mag Tool: You’ve Got Spam

The '123456' password was spotted 7 million times across a data trove of one billion leaked credentials, in one of the biggest password re-use studies of its kind.