a-min3 Goto Github PK

awesome-malware-analysis

A curated list of awesome malware analysis tools and resources.

awesome-osint

:scream: A curated list of amazingly awesome OSINT

awesome-pentest

A collection of awesome penetration testing resources, tools and other shiny things

awesome-red-teaming

List of Awesome Red Teaming Resources

awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

awesome-shodan-queries

🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩‍💻

awesome-static-analysis

Static analysis tools for all programming languages

awesome-vulnerability-research

🦄 A curated list of the awesome resources about the Vulnerability Research

awesome-waf

🔥 Everything awesome about awesome web-application firewalls (WAF).

awesome-web-security

🐶 A curated list of Web Security materials and resources.

awesome-windows-domain-hardening

A curated list of awesome Security Hardening techniques for Windows.

aws-iam-privilege-escalation

A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.

aws_pwn

A collection of AWS penetration testing junk

az-500-azure-security

azucar

Security auditing tool for Azure environments

azure-docs

Open source documentation of Microsoft Azure

b374k

PHP Webshell with handy features

basic-challenges

Challenges i wrote for entry level offensive security presentation

bleak

A Windows native DLL injection library written in C# that supports several methods of injection.

bloodhound.py

A Python based ingestor for BloodHound

blueborne

PoC scripts demonstrating the BlueBorne vulnerabilities

callobfuscator

Obfuscate specific windows apis with different apis

ccat

Cisco Config Analysis Tool

check-localadminhash

Check-LocalAdminHash is a PowerShell tool that attempts to authenticate to multiple hosts over either WMI or SMB using a password hash to determine if the provided credential is a local administrator. It's useful if you obtain a password hash for a user and want to see where they are local admin on a network. It is essentially a Frankenstein of two of my favorite tools along with some of my own code. It utilizes Kevin Robertson's (@kevin_robertson) Invoke-TheHash project for the credential checking portion. Additionally, the script utilizes modules from PowerView by Will Schroeder (@harmj0y) and Matt Graeber (@mattifestation) to enumerate domain computers to find targets for testing admin access against.

checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

commando-vm

commonspeak2-wordlists

Wordlists that have been compiled using Commonspeak2. This repo is updated every time new wordlists are generated.

compsecattacklabs

Contains Attack labs

covenant

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers.