hell0scp Goto Github PK

ace-cloud-ops

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

active-directory-pentest

ad-pentesting

ad-pentesting-tools

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

api-security-checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

arachni

Web Application Security Scanner Framework

assemblyline

AssemblyLine 4 - File triage and malware analysis

awesome-aws-security

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

awesome-azure-architecture

AWESOME-Azure-Architecture

awesome-cloud-pentest

awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

awesome-forensics

A curated list of awesome forensic analysis tools and resources

awesome-hacking

A curated list of awesome Hacking tutorials, tools and resources

awesome-incident-response

A curated list of tools for incident response

awesome-pcaptools

A collection of tools developed by other researchers in the Computer Science area to process network traces. All the right reserved for the original authors.

awesome-pentest

A collection of awesome penetration testing resources, tools and other shiny things

awesome-rtc-hacking

a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE

awesome-security-newsletters

Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks

awesome-web-hacking

A list of web application security

awesome-websocket-security

Awesome information for WebSockets security research

azure-red-team

Azure Security Resources and Notes

brutesploit

BruteSploit is a collection of method for automated Generate, Bruteforce and Manipulation wordlist with interactive shell. That can be used during a penetration test to enumerate and maybe can be used in CTF for manipulation,combine,transform and permutation some words or file text :p

burp-shell-fwd-lfi

A Burp Suite plugin/extension that offers a shell in Burp. Both useful for OS Command injection and LFI exploration

cewl

CeWL is a Custom Word List Generator

chainsaw

Rapidly Search and Hunt through Windows Event Logs

cloudfail

Utilize misconfigured DNS and old database records to find hidden IP's behind the CloudFlare network

commix

Automated All-in-One OS Command Injection Exploitation Tool.

community-threats

The largest, public library of adversary emulation plans in JSON. A place to share custom SCYTHE threats with the community. #ThreatThursday