youda313 Goto Github PK

ad-lab

An active directory laboratory for penetration testing.

amsiscanbufferbypass

Circumvent AMSI by patching AmsiScanBuffer

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

automatedlab

AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2019, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.

aws-certified-security-specialty

awscloudpractitionerexam

badblood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

beroot

Privilege Escalation Project - Windows / Linux / Mac

buffer-overflow-guide

This Bufferflow Guide includes instructions and the scripts necessary for Buffer Overflow Exploitation. This guide is a supplement for TheCyberMentor's walkthrough. Please watch his walkthrough if you're confused. Feel free to implement Pull Requests or raise Issues.

bugbounty-cheatsheet

A list of interesting payloads, tips and tricks for bug bounty hunters.

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

crest-exam-prep

Cheatsheets and write ups for the CREST CRT and CCT Exams.

cryptohack_python

cryptohack python solutions

cyberrangead

Vagrant/Ansible to create and deploy 3 VMs and join them to the domain (1 x win2016-DC, 1 x winserver2016, 1 x win10client)

devsecops

devsecops pipeline with Jenkins/Maven/Git and more

domainrolefromremotecomputer

Get domain role and PC type from remote computers

ewstoolkit

Abusing Exchange via EWS

gtfobins.github.io

Curated list of Unix binaries that can be exploited to bypass system security restrictions

guacamole-docker-compose

Guacamole with docker-compose using PostgreSQL, nginx with SSL (self-signed)

internal-monologue

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

jenkins-fcc-readme

Follow-along instructions for the freeCodeCamp Jenkins course.

kali-compose

kubernetes-devops-security

ligolo

Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

mavenapacheselenium

mavenspringvotingsystem

microsoft-azure-fundamentals-az-900-

msldap

LDAP library for auditing MS AD

mutillidae-docker

OWASP Mutillidae II is a free, open-source, deliberately vulnerable web application providing a target for web-security enthusiasts.

nimbostratus

Tools for fingerprinting and exploiting Amazon cloud infrastructures