Edoardo Ottavianelli
edoardottt
Offensive Security Analyst and Researcher
Languages
Top Repositories
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Discover new target domains using Content Security Policy
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Little Bug Bounty & Hacking Tools⚔️
Repositories
70A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Take a list of domains, crawl urls and scan for endpoints, secrets, api keys, file extensions, tokens and more
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
Information Gathering tool - DNS / Subdomains / Ports / Directories enumeration
Highly customizable low-interaction experimental honeypot that mimics specific hosts.
TryHackMe CTFs writeups, notes, drafts, scrabbles, files and solutions.
Weekly updated list of missing CVEs in nuclei templates official repository. Mainly built for bug bounty, but useful for penetration tests and vulnerability assessments too.
Discover new target domains using Content Security Policy
List of companies that hire security people full remote.
Master of Science in Cybersecurity, Sapienza University of Rome.
Use favicons to improve your target recon phase. Quickly detect technologies, WAF, exposed panels, known services.
The Most Advanced Client-Side Prototype Pollution Scanner
Useful material for learning Python, start coding and learn how to logically solve real world problems.
Little Bug Bounty & Hacking Tools⚔️
Like and retweet your tweets, or search tweets by topic. It stores and serves data with a Flask webapp. 🐦 Live demo running on twitter.com/ai_testing
Sub-Domain TakeOver Vulnerability Scanner (edoardottt fork)
List of Tech/Geo/Economics/Politics sources of news. 🌍
CLI client (and Golang module) for deps.dev API. Free access to dependencies, licenses, advisories, and other critical health and security signals for open source package versions.
Generate customized Password/Passphrase wordlist based on target information
Notes I took while preparing for eJPT certification by INE Security (passed 19/20, fka eLearn Security)
🔒command line tool checking password safety🔒
Estimate how long it takes to read a text
Golang module exporting general purpose functions I get tired of rewriting every time
CompTIA Security+ SY0-601 notes (passed 788 points)
Response Filter Denial of Service (RFDoS) Experimental Scanner
Proposal and Investigation of a framework for Cross App Poisoning attacks detection in Software Defined Networks - Master of Science in Cybersecurity Thesis, Sapienza University
Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
[NOT WORKING] 🤖 CLI Twitter Bot. It's made to reach more engagement based on your interests. See https://github.com/edoardottt/twitterbot2
My experiments in weaponizing ONOS applications (https://github.com/opennetworkinglab/onos)
🖼️Images for edoardottt's repositories🖼️