Sandeep Kasturi's Projects
In-depth Attack Surface Mapping and Asset Discovery
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
A curated list of awesome infosec courses and training resources.
:scream: A curated list of amazingly awesome OSINT
A tool for parsing breached passwords
BBT - Bug Bounty Tools
This is the One Stop place where you can find almost all of your Tools of Requirements in DFIR
Purple Team Resources for Enterprise Purple Teaming: An Exploratory Qualitative Study by Xena Olsen.
Windows Events Attack Samples
An awesome list of FREE resources for training, conferences, speaking, labs, reading, etc that are free. Originally built during COVID-19 for cybersecurity professionals with downtime can take advantage of to improve their skills and marketability to come out on the other side ready to rock. Now its taken on a life of its own and will persist, COVID be damned.
The Google Cloud Developer's Cheat Sheet
A community event for security researchers to share their favorite notebooks
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Malware samples, analysis exercises and other interesting resources.
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.
Pretty PowerShell that looks good and functions almost as good as Linux terminal
PowerSploit - A PowerShell Post-Exploitation Framework
This version of PowerUp is now unsupported. See https://github.com/Veil-Framework/PowerTools/tree/master/PowerUp for the most current version.
FAQ Guide for Practical Ethical Hacking Udemy Course
Wordlists sorted by probability originally created for password generation and testing
Curated list of public penetration test reports released by several consulting firms and academic security groups
A list of resources for those interested in getting started in bug bounties
RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data