Pinned Repositories
antisquat
awesome-forensics
A curated list of awesome forensic analysis tools and resources
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
Awesome-Red-Team-Operations
Bug_Bounty_Tools_and_Methodology
Bug Bounty Tools used on Twitch - Recon
Bugbounty-Tools
A curated list of various bug bounty tools
caldera
Automated Adversary Emulation Platform
CEH-in-bullet-points
💻 Certified ethical hacker summary in bullet points
CloudPeler
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
Conferences
Conference slides
5k1pp's Repositories
5k1pp/antisquat
5k1pp/awesome-forensics
A curated list of awesome forensic analysis tools and resources
5k1pp/Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
5k1pp/Awesome-Red-Team-Operations
5k1pp/Bug_Bounty_Tools_and_Methodology
Bug Bounty Tools used on Twitch - Recon
5k1pp/Bugbounty-Tools
A curated list of various bug bounty tools
5k1pp/caldera
Automated Adversary Emulation Platform
5k1pp/CEH-in-bullet-points
💻 Certified ethical hacker summary in bullet points
5k1pp/CloudPeler
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
5k1pp/Conferences
Conference slides
5k1pp/Ethical-Hacking
These are notes related to Ethical Hacking
5k1pp/hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
5k1pp/Linux101-Resources
Resources for TCM Security Linux 101 course
5k1pp/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
5k1pp/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
5k1pp/My-Profile
Config files for my GitHub profile.
5k1pp/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
5k1pp/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
5k1pp/pentips
CSbyGB PenTips Gitbook
5k1pp/Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
5k1pp/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
5k1pp/Red-Team-Engagement-Simulation
A Red Team Engagement is a cybersecurity exercise designed to simulate real-world attacks and security breaches on an organization's systems, networks, and applications. The primary goal of a red team engagement is to identify vulnerabilities, weaknesses, and potential points of exploitation within an organization's defenses.
5k1pp/redteamrecipe.github.io
redteamrecipe.com
5k1pp/Resources-for-Beginner-Bug-Bounty-Hunters
A list of resources for those interested in getting started in bug bounties
5k1pp/social-engineer-toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
5k1pp/TCM-Security-Sample-Pentest-Report
Sample pentest report provided by TCM Security
5k1pp/tryhackme-ctf
TryHackMe CTFs writeups, notes, dratfs, scrabbles, files and solutions.
5k1pp/vapi
vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.
5k1pp/VX-API
Collection of various malicious functionality to aid in malware development
5k1pp/Windows-WiFi-Extractor
Extract Windows Wi-Fi Passwords to Remote URL