Pinned Repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
eko15
Material utilizado en el Workshop de Red Teaming en el 2019 para la edicion 15 de la Eko
ekoparty2015
Material utilizado en los Workshops de Ekoparty 2015
h8mail
Email OSINT and password breach hunting. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous Breached Compilation torrent
LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
Open-SecTraining
Scripts usados en los entrenamientos de Open-Sec - Publicos y modificados o creados por el Core Team de Open-Sec.
OSEH
Open-Sec Ethical Hacker
Pentesting
RedTeaming
Open-Sec's Repositories
Open-Sec/eko15
Material utilizado en el Workshop de Red Teaming en el 2019 para la edicion 15 de la Eko
Open-Sec/OSEH
Open-Sec Ethical Hacker
Open-Sec/Bug-bounty
Ressources for bug bounty hunting
Open-Sec/Seth
Perform a MitM attack and extract clear text credentials from RDP connections
Open-Sec/at-ps
Adversary Tactics - PowerShell Training
Open-Sec/automatic-api-attack-tool
Imperva's customizable API attack tool takes an API specification as an input, generates and runs attacks that are based on it as an output.
Open-Sec/AutoRDPwn
The Shadow Attack Framework
Open-Sec/breaking-and-pwning-apps-and-servers-aws-azure-training
Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training!
Open-Sec/Buildium
Open-Sec/CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
Open-Sec/Dark_Web_Scraping
This repository contains scrapers programs to scrape hacking forums from Dark web
Open-Sec/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
Open-Sec/generator-burp-extension
Everything you need about Burp Extension Generation
Open-Sec/HQLmap
(Deprecated) HQLmap, Automatic tool to exploit HQL injections
Open-Sec/junegle_2020_containers
For the Junegle.io event
Open-Sec/kube-hunter
Hunt for security weaknesses in Kubernetes clusters
Open-Sec/lsassy
Extract credentials from lsass remotely
Open-Sec/lyncsmash
locate and attack Lync/Skype for Business
Open-Sec/nuclei
Nuclei is a fast tool for configurable targeted scanning based on templates offering massive extensibility and ease of use.
Open-Sec/openvpn-install
OpenVPN road warrior installer for Debian, Ubuntu and CentOS
Open-Sec/Ps-Tools
Ps-Tools, an advanced process monitoring toolkit for offensive operations
Open-Sec/PurpleSharp
PurpleSharp is a C# adversary simulation tool that executes adversary techniques with the purpose of generating attack telemetry in monitored Windows environments
Open-Sec/Pwdb-Public
A collection of all the data i could extract from 1 billion leaked credentials from internet.
Open-Sec/pymeta
Pymeta will search the web for files on a domain to download and extract metadata. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
Open-Sec/redirect.rules
Quick and dirty redirect.rules dynamic generator
Open-Sec/SecGen
Create randomly insecure VMs
Open-Sec/template
A template Sphinx repo
Open-Sec/threagile
Agile Threat Modeling Toolkit
Open-Sec/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
Open-Sec/Yippee-Ki-Yay-MFA-er
Code samples discussed during DEFCON Red Team Village Talk -- "Yippee-Ki-Yay MFA'er - Bypassing Multi-Factor Authentication with Real-Time Replay Session Instantiation Attacks" by Hutch