stephenharuna Goto Github PK

adhdproject.github.io

apt-lab-terraform

Purple Teaming Attack & Hunt Lab - Terraform

apt06202001

Applied Purple Teaming - Infrastructure, Threat Optics, and Continious Improvement - June 6, 2020

asminvs

Tutorial for writing x86 / x64 assembly code in Visual Studio

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

attack-eval-scoring

This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/EnterpriseAPT29Eval for round 2 information.

awesome-fuzzing

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

awesome-red-teaming

List of Awesome Red Teaming Resources

beaker

Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana

bloodhound

Six Degrees of Domain Admin

buildyourownlisp

Learn C and build your own programming language in under 1000 lines of code!

checklists

Red Teaming & Pentesting checklists for various engagements

cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

comp_arch_list

List of required readings for three-semester course in Computer Architecture at UCU (Principles of Computer Organization, Computer System Architecture, Operating Systems)

conpot

ICS/SCADA honeypot

creddefense

Credential and Red Teaming Defense for Windows Environments

credking

Password spraying using AWS Lambda for IP rotation

cti-training

OASIS TC Open Repository: Providing a collection of CTI-related training materials

cybersecuritycollections

deimosc2

DeimosC2 is a Golang command and control framework for post-exploitation.

detectionlabelk

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

dnsobserver

A handy DNS service written in Go to aid in the detection of several types of blind vulnerabilities. It monitors a pentester's server for out-of-band DNS interactions and sends lookup notifications via Slack.

domainpasswordspray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

dostoevsky-pentest-notes

Notes for taking the OSCP in 2097. Read in book form on GitBook

dumb-nfuzz

The Dumb Network Fuzzer

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

exploitation-course

Offensive Software Exploitation Course

eyewitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

faraday

Collaborative Penetration Test and Vulnerability Management Platform

fireprox

AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation