cyb3rm3g Goto Github PK

403jump

HTTP 403 bypass tool

a-red-teamer-diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

above

Invisible network protocol sniffer

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

ad-assessmentkit

Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam.

ad-training-lab

Automated Active Directory lab running on Proxmox

ad_miner

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

adspider

Monitor changes in Active Directory with replication metadata

ai-exploits

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement

artemis

A modular vulnerability scanner with automatic report generation capabilities.

asm

Learning assembly for linux x86_64

attack-surface-framework

Tool to discover external and internal network attack surface

awesome-azure-pentest

A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.

awesome-gpt-agents

A curated list of GPT agents for cybersecurity

awesome-honeypots

an awesome list of honeypot resources

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

awesome-password-spraying

Everything and anything related to password spraying

awesome-pentest-cheat-sheets

Collection of cheat sheets useful for pentesting

awesome-red-team-operations

awesome-shodan-queries

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

awesome-vulnerable

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

azuread-attack-defense

This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.

bestedrofthemarket

Little AV/EDR bypassing lab for training & learning purposes

bluespy

PoC to record audio from a Bluetooth device

browserbruter

BrowserBruter is a powerful web form fuzzing automation tool designed for web security professionals and penetration testers. This Python-based tool leverages Selenium and Selenium-Wire to automate web form fuzzing, making it easier to identify potential vulnerabilities in web applications.

bucketloot

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

bug-bounty

Ressources for bug bounty hunting

bunkerweb

🛡️ Open-source and next-generation Web Application Firewall (WAF)

burpsuite-for-pentester

This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".