Git Product home page Git Product logo

πŸ”‘ Intro:

Andy has been consulting in offensive security for over a decade, focusing on red teaming and simulated attacks with a side of threat intelligence and purple teaming. Leading engagements of varying sizes and lengths, helping grow teams and encouraging risk-driven understanding.

image

βœ”οΈ Projects:

⌨️ Blog:

I post most of my research and other interesting tutorials on my blog

πŸ“š Book:

For those that don't know Andy, he is a firm believer in passing knowledge on and supporting the infosec community he does this by providing tutorials on his blog running his local DEF CON Chapter & has also published two books Breaking into Information Security and LTR102. He also helps out at DEF CON as a SOC Goon (Red Shirt) too each year (since DC25), assisting the SOC with operations and people flow.

🎀 Talks:

2024

2023

2022

2021

2020

2019

2018

πŸ† Bug Bounty:

πŸ“› Badges

Andy has been in the IT security industry for just over 15 years, a decade of which has been dedicated to security and offensive operations. He previously held CREST’s CCT Infrastructure certification, which is highly sought-after, and CHECK Team Leader status. In addition to his years in the industry, he holds several other certifications and accolades, including CRTO, OSCP, and OSWP.

Andy's Projects

3klcon icon 3klcon

Automation Recon tool which works with Large & Medium scopes. It performs more than 20 tasks and gets back all the results in separated files.

ad_miner icon ad_miner

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

allthewayback icon allthewayback

Search the Wayback Machine for specific historical files which may contain sensitive data.

ames icon ames

another metasploit exploit suggester

api-security-checklist icon api-security-checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

applied-crypto-hardening icon applied-crypto-hardening

Paper (DRAFT) on Best Current Practices regarding the configuration of cyptographic tools and online communication

asreproast icon asreproast

Project that retrieves crackable hashes from KRB5 AS-REP responses for users without kerberoast preauthentication enabled.

assetnote-exploits icon assetnote-exploits

Repository to store exploits created by Assetnotes Security Research team - some forked and modified for easier scanning

at-ps icon at-ps

Adversary Tactics - PowerShell Training

aws-scanner icon aws-scanner

Scans a list of websites for Cloudfront or S3 Buckets

azureattackkit icon azureattackkit

Collection of Azure Tools to Pull down for Attacking an Environment + quick tips and other useful information

badshares icon badshares

A tool to create randomly insecure file shares that also contain unsecured credential files

blog_backup icon blog_backup

A repository with various tutorials on how to do things in Pentesting, setup environments and other things

bof.net icon bof.net

A .NET Runtime for Cobalt Strike's Beacon Object Files

bug-bounty-reference icon bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    πŸ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. πŸ“ŠπŸ“ˆπŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❀️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.