Pinned Repositories
AD-Attack-Defense
Active Directory Security For Red & Blue Team
ad-ldap-enum
An LDAP based Active Directory user and group enumeration tool
ADAPE-Script
Active Directory Assessment and Privilege Escalation Script
android-api-SecureKeys
Store data in a simple and secure way
awesome-web-security
🐶 A curated list of Web Security materials and resources.
OSCP
Collection of things made during my OSCP journey
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
SigPloit
SigPloit: Telecom Signaling Exploitation Framework - SS7, GTP, Diameter & SIP
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
XSRFProbe
The Prime Cross Site Request Forgery Audit and Exploitation Toolkit.
bh4nut3j4's Repositories
bh4nut3j4/ad-ldap-enum
An LDAP based Active Directory user and group enumeration tool
bh4nut3j4/Awesome-Cellular-Hacking
Awesome-Cellular-Hacking
bh4nut3j4/awesome-shell
A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.
bh4nut3j4/bounty
Misc bounty and vulndisc things
bh4nut3j4/bounty-targets-data
This repo contains hourly-updated data dumps of bug bounty platform scopes (like Hackerone/Bugcrowd/etc) that are eligible for reports
bh4nut3j4/chaos-hunt
Bash Script to Hunt all the targets/Subdomains from Chaos by Project Discovery Team
bh4nut3j4/Checklists
Pentesting checklists for various engagements
bh4nut3j4/checkout
Action for checking out a repo
bh4nut3j4/codeql-action
Actions for running CodeQL analysis
bh4nut3j4/Command-Mobile-Penetration-Testing-Cheatsheet
Mobile penetration testing android command cheatsheet
bh4nut3j4/corsbypass-heroku
bh4nut3j4/cq-provider-aws
CloudQuery Provider for AWS
bh4nut3j4/endgame
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
bh4nut3j4/flutter-ssl-pinning-bypass
Horangi tools for Android penetration testing
bh4nut3j4/github.github.io
Subdomain Takeover Test
bh4nut3j4/gitleaks
Audit git repos for secrets 🔑
bh4nut3j4/gitleaks-action
run gitleaks in a gitleaks action
bh4nut3j4/Infosec_Reference
An Information Security Reference That Doesn't Suck
bh4nut3j4/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
bh4nut3j4/OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
bh4nut3j4/Rubeus
Trying to tame the three-headed dog.
bh4nut3j4/secDevLabs
Laboratory for those who are interested in learning about web security
bh4nut3j4/semgrep-rules
Semgrep rules registry
bh4nut3j4/setup-maven
Set up your GitHub Actions workflow with a specific version of Apache Maven
bh4nut3j4/shiva
An Ansible playbook to provision a host for penetration testing and CTF challenges
bh4nut3j4/sto-poc
bh4nut3j4/Sudomy
Sudomy is a subdomain enumeration tool, created using a bash script, to analyze domains and collect subdomains in fast and comprehensive way . Report output in HTML or CSV format
bh4nut3j4/SysmonTools
Utilities for Sysmon
bh4nut3j4/UACME
Defeating Windows User Account Control
bh4nut3j4/winafl
A fork of AFL for fuzzing Windows binaries