Pinned Repositories
BlueTeam-Tools
Tools and Techniques for Blue Team / Incident Response
gohttpserver
The best HTTP Static File Server, written with golang+vue
katana
A next-generation crawling and spidering framework.
Nightingale
It's a Docker environment for pentesting that has all the required tools for VAPT.
OFFAT
The OWASP OFFAT tool autonomously assesses your API for prevalent vulnerabilities, though full compatibility with OAS v3 is pending. The project remains a work in progress, continuously evolving towards completion.
prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and many more additional checks that help on GDPR, HIPAA and other security frameworks.
sysadmin
the flow of time is always cruel
Web-CTF-Cheatsheet
Web CTF CheatSheet 🐈
babywyrm's Repositories
babywyrm/gohttpserver
The best HTTP Static File Server, written with golang+vue
babywyrm/Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
babywyrm/crowdsec
CrowdSec - the open-source and participative IPS able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network.
babywyrm/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
babywyrm/Awesome-Cybersecurity-Handbooks
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
babywyrm/bane
This is a Python module that contains functions and classes which are used to test the security of web/network applications. It's coded in pure Python and it's a very intelligent tool! It can easily detect: XSS (reflected/stored), RCE (Remote Code/Command Execution), SSTI, SSRF, CORS Misconfigurations, File Upload, CSRF, Path Traversal... and more
babywyrm/BloodHound.py
A Python based ingestor for BloodHound
babywyrm/cansleep
The program for scanning and testing city cameras (DVR, RTSP, Hikvision) is a tool developed exclusively for educational purposes to analyze and check the quality of video cameras and video systems at the urban infrastructure level.
babywyrm/cheatsheet-kubernetes-A4
:book: Kubernetes CheatSheets In A4
babywyrm/cs-aws-waf-bouncer
Crowdsec bouncer for AWS WAF
babywyrm/CVE-2023-25690-POC
CVE 2023 25690 Proof of concept - mod_proxy vulnerable configuration on Apache HTTP Server versions 2.4.0 - 2.4.55 leads to HTTP Request Smuggling vulnerability.
babywyrm/Exegol
Fully featured and community-driven hacking environment
babywyrm/firecracker-containerd
firecracker-containerd enables containerd to manage containers as Firecracker microVMs
babywyrm/impacket
Impacket is a collection of Python classes for working with network protocols.
babywyrm/isolated-vm
Secure & isolated JS environments for nodejs
babywyrm/JSONBee
Ready-to-use JSONP endpoints/payloads to help bypass content security policy (CSP) of different websites.
babywyrm/multi-account-security-assessment-via-prowler
This solution facilitates rapid deployment of Prowler, full AWS Organization analysis, and finding processing as part of a security posture report.
babywyrm/naabu
A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests
babywyrm/NodeGoat
The OWASP NodeGoat project provides an environment to learn how OWASP Top 10 security risks apply to web applications developed using Node.js and how to effectively address them.
babywyrm/phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
babywyrm/PingRAT
PingRAT secretly passes C2 traffic through firewalls using ICMP payloads.
babywyrm/PrivFu
Kernel mode WinDbg extension and PoCs for token privilege investigation.
babywyrm/RedCsharp
Collection of C# projects. Useful for pentesting and redteaming.
babywyrm/SigmaPotato
SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
babywyrm/SSRFmap
Automatic SSRF fuzzer and exploitation tool
babywyrm/sysinternals
Content for sysinternals.com
babywyrm/trufflehog
Find credentials all over the place
babywyrm/viddy
👀 A modern watch command. Time machine and pager etc.
babywyrm/vulnerable-node
A very vulnerable web site written in NodeJS with the purpose of having a project with identified vulnerabilities to test the quality of security analyzer tools
babywyrm/WSPCoerce
PoC to coerce authentication from Windows hosts using MS-WSP