Pinned Repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
35c3ctf
35C3 Junior CTF pwnables
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AD-security-workshop
Resources for our Active Directory security workshops
Aggressor-Scripts
Aggressor scripts for Cobalt Strike
notes
Personal notes for pentest, dfir and various offense/defense fun.
pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
RedBlueNotes
Personal notes from Red teamer for Blue/Red/Purple.
RedCsharp
Collection of C# projects. Useful for pentesting and redteaming.
terraform-phishing
Build a phishing server (Gophish) together with SMTP-redirector (Postfix) automatically in Digital Ocean with terraform and ansible..
boh's Repositories
boh/pentest_compilation
Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
boh/35c3ctf
35C3 Junior CTF pwnables
boh/RedFile
A flask wsgi application that serves files with intelligence, good for serving conditional RedTeam payloads
boh/routeros
RouterOS Bug Hunt Materials Presented at Derbycon 2018
boh/spoofing-office-macro
:fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
boh/WebShell
Webshell && Backdoor Collection
boh/AmsiScanBufferBypass
boh/ansible-mitre
boh/automateGo
Implementation on Go projects book "Automate the Boring Stuff with Python: Practical Programming for Total Beginners"
boh/AWS-CLI-Commands
Collection of AWS CLI commands for several AWS services.
boh/BlackHoodie-2018-Workshop
Slides and challenges for my binary exploitation workshop at BlackHoodie 2018.
boh/DoHC2
DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).
boh/DSInternals
Directory Services Internals (DSInternals) PowerShell Module and Framework
boh/EightBit-Atari-Fonts
Fonts generated from original bitmaps from Atari 8bit computers
boh/FCL
FCL (Fileless Command Lines) - Known command lines of fileless malicious executions
boh/goHackTools
Hacker tools on Go (Golang)
boh/Hacker_EZines
A collection of electronic hacker magazines carefully curated over the years from multiple sources
boh/Intranet_Penetration_Tips
2018年初整理的一些内网渗透TIPS,后面更新的慢,所以公开出来希望跟小伙伴们一起更新维护~
boh/Invisi-Shell
Hide your Powershell script in plain sight. Bypass all Powershell security features
boh/jdong-learning-resources
This is my private learning paradise,but everybody can get sth from this repo,HaHa!!
boh/kubernetes-course
Kubernetes Course Files
boh/linikatz
linikatz is a tool to attack AD on UNIX
boh/MS-DOS
The original sources of MS-DOS 1.25 and 2.0, for reference purposes
boh/red_team_telemetry
boh/RedELK
Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
boh/TwitteRSS
AWS Lambda project to combine Twitter List timelines into one RSS Feed
boh/Violent-Python-Companion-Files
Violent Python scripts used in book and few other required lifes
boh/virii
Collection of ancient computer virus source codes
boh/vulnserver
Vulnerable server used for learning software exploitation
boh/WBCDomain
An AWS hosted domain designed for practicing lateral movement techniques.