oakkaya Goto Github PK

1.6-c2

Using the Counter Strike 1.6 RCON protocol as a C2 Channel.

30-days-of-javascript

30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace.

403bypasser

a-red-teamer-diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

activedirectory_lab

Active DIrectory Lab for Pentesting Practice

ad-attack-defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

adape-script

Active Directory Assessment and Privilege Escalation Script

adb-toolkit

ADB-Toolkit V2 for easy ADB tricks with many perks in all one. ENJOY!

adcheatsheet

Active Directory Cheat Sheet

adpeas

Powershell tool to automate Active Directory enumeration.

advanced-process-injection-workshop

advanced-sql-injection-cheatsheet

A cheat sheet that contains advanced queries for SQL Injection of all types.

aesshellcodeencrypter

This is a CS project that will encrypt shell code from msfvenom using AES

aflplusplus

The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!

afrog

A Security Tool for Bug Bounty, Pentest and Red Teaming.

agartha

a burp extension for dynamic payload generation to detect injection flaws (RCE, LFI, SQLi), creates access matrix based user sessions to spot authentication/authorization issues, and converts Http requests to Javascript for further XSS exploitation and more.

akto

Instant, Open source API security → API discovery, automated business logic testing and runtime detection.

allaboutbugbounty

All about bug bounty (bypasses, payloads, and etc)

alternativeshellcodeexec

Alternative Shellcode Execution Via Callbacks

amass

In-depth Attack Surface Mapping and Asset Discovery

android-penetration-testing

android-security-exploits-youtube-curriculum

🔓A curated list of modern Android exploitation conference talks.

android-security-list

Collection of Android security related resources

androidmobilepentest101

Pentesting Android Application Course For Kids+ (English and Vietnamese edition)

anonsurf

parrot anonymous mode

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

antisquat

aort

All in One Recon Tool for Bug Bounty

api-security-checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API