rudenskagjini Goto Github PK

attack-navigator

Web app that provides basic navigation and annotation of ATT&CK matrices

beef

The Browser Exploitation Framework Project

buster

An advanced tool for email reconnaissance

certipy

Tool for Active Directory Certificate Services enumeration and abuse

cheatsheetseries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

cloud-azure

Discover for Cloud and Containers Azure

cyberchef

The Cyber Swiss Army Knife - a web app for encryption, encoding, compression and data analysis

cybersecurity-threat-intelligence

An ongoing & curated collection of awesome software best practices and remediation techniques, libraries and frameworks, E-books and videos, Technical guidelines and important resources about Threat Intelligence.

datasploit

An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.

deepbluecli

dettect

Detect Tactics, Techniques & Combat Threats

devops-essentials-sample-app

discover

Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.

dnsrecon

DNS Enumeration Script

domainpasswordspray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

dradis-ce

Dradis Framework: Collaboration and reporting for IT Security teams

evtx

C# based evtx parser with lots of extras

eyewitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

gathercontacts

A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results

gtfobins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

h4cker

This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), artificial intelligence, vulnerability research, exploit development, reverse engineering, and more.

leaklooker

Find open databases - Powered by Binaryedge.io

mfasweep

A tool for checking if MFA is enabled on multiple Microsoft Services

misp-book

User guide of MISP

msolspray

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

openioc_1.1

owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

penetration-testing-cheat-sheet

Work in progress...

pngconverter