Pinned Repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
35c3ctf
35C3 Junior CTF pwnables
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Aggressor-Scripts
Aggressor scripts for Cobalt Strike
deobfuscation-research
some paper/project/script about deobfuscation
notes
Personal notes for pentest, dfir and various offense/defense fun.
pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
RedBlueNotes
Personal notes from Red teamer for Blue/Red/Purple.
RedCsharp
Collection of C# projects. Useful for pentesting and redteaming.
terraform-phishing
Build a phishing server (Gophish) together with SMTP-redirector (Postfix) automatically in Digital Ocean with terraform and ansible..
boh's Repositories
boh/RedCsharp
Collection of C# projects. Useful for pentesting and redteaming.
boh/RedBlueNotes
Personal notes from Red teamer for Blue/Red/Purple.
boh/notes
Personal notes for pentest, dfir and various offense/defense fun.
boh/adversarial-threat-modelling
Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
boh/allinfosecnews_sources
A list of online news & info sources in the InfoSec/Cybersecurity space
boh/ansible-role-nginx-docker
boh/Awesome-Azure-Pentest
A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.
boh/Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
boh/Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
boh/BurpSuiteCertifiedPractitioner
Ultimate Burp Suite Exam and PortSwigger Labs Guide.
boh/CARTP-cheatsheet
Azure AD cheatsheet for the CARTP course
boh/CredGuess
Generate password spraying lists based on the pwdLastSet-attribute of users.
boh/gophish
Gophish with Malicious Attachment and HTTP redirect support
boh/grype
A vulnerability scanner for container images and filesystems
boh/Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
boh/n0kovo_subdomains
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
boh/OffensivePythonPipeline
Static standalone binaries for Linux and Windows (x64) of Python offensive tools. Compiled using PyInstaller, Docker for Windows, WSL2, and Make.
boh/Offensivesecurity-Checklists
Checklists for Testing Security environment
boh/OSCE3-Complete-Guide
OSWE, OSEP, OSED, OSEE
boh/OSEP-Tools
boh/PMAT-labs
Labs for Practical Malware Analysis & Triage
boh/precompiled-binaries
Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments
boh/Process-Injection-Techniques
Various Process Injection Techniques
boh/Proxy-Attackchain
proxylogon & proxyshell & proxyoracle & proxytoken & all exchange server vulns summarization :)
boh/Red-Team-Management
boh/report_malware_public
Reporting malware
boh/S-500-G2-Rat-Hvnc-Hidden-Broswers-Hidden-Apps-OperaGX-Rat-Remote-Malware
Clone Profile Hidden Desktop Hidden Browsers Hidden Chrome Hidden Chromodo Hidden SlimJet Hidden Sputnik Hidden Awast Browser Hidden UC Browser Hidden Atom Browser Hidden Opera Neon Hidden Firefox Hidden Edge Hidden Brave Hidden Palemoon Hidden Waterfox Hidden Opera Hidden 360 browser Hidden Comodo Dragon Hidden Internet Explorer Hidden Explorer Hidden Powershell Hidden CMD Hidden Outlook Hidden Thunderbird Hidden Foxmail Hidden Password Recovery HVNC/HVNC browsers HRDP/HRDP browsers/Wallets Reverse Proxy UAC Exploit for Windows 11/10 UAC Exploit for Windows 7 Remote Desktop Remote Cam Remote Microphone Remote Regedit Remote Console Silent Execute File Manager (download,zip,unzip) Disable Windows Defender Execute on connection Tasks Recovery All Chrome based Browsers Recovery for All Firefox based Browsers Recovery & Send Logs To Discord Startup/Schedule task Persistence Miner Watch Dog TaskMgr Dog Spam Tools Hrdp Browers Hrdp Chrome Hrdp Firefox Hrdp Opera Hrdp Brave Hrdp Wallets ArmoryQt Coinomi Atomic Exodus Electrum Jaxx S-500 G2 Builder ! Change Assembly Change Exe Icon Change Exe Name Change Filename File Path Group Clients Mutex Multi Ports Supported Anti Debug System Kill Taskmgr Blue Screen Error Watch Dog Uac Exploit on Execution TaskMgr Dog Export as Shell Code Crypter Merged Run PE Obfuscate
boh/security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
boh/Vx-Zines
A collection of archived malware zines throughout the ages
boh/XSS-Bypass-Filters