Pinned Repositories
Amsi-Bypass-Powershell
This repo contains some Amsi Bypass methods i found on different Blog Posts.
auditd
Best Practice Auditd Configuration
awesome-appsec
A curated list of resources for learning about application security
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
awesome-shodan-queries
🔍 A collection of interesting, funny, and depressing search queries to plug into https://shodan.io/ 👩💻
AWS-ComplianceMachineDontStop
Proof of Value Terraform Scripts to utilize Amazon Web Services (AWS) Security, Identity & Compliance Services to Support your AWS Account Security Posture.
aws-forensic-tools
Tools for AWS forensics
aws-incident-response
aws-incident-response-runbooks
aws-security-assessment-solution
An AWS tool to help you create a point in time assessment of your AWS account using Prowler and Scout as well as optional AWS developed ransomware checks.
elprofesor123's Repositories
elprofesor123/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
elprofesor123/aws-incident-response-runbooks
elprofesor123/cloudformation-guard
Guard offers a policy-as-code domain-specific language (DSL) to write rules and validate JSON- and YAML-formatted data such as CloudFormation Templates, K8s configurations, and Terraform JSON plans/configurations against those rules.
elprofesor123/CobaltStr4.4
Cobalt Strike is a commercial, full-featured, remote access tool that bills itself as "adversary simulation software designed to execute targeted attacks and emulate the post-exploitation actions of advanced threat actors". Cobalt Strike’s interactive post-exploit capabilities cover the full range of ATT&CK tactics, all executed within a single, integrated system.
elprofesor123/conti-pentester-guide-leak
Leaked pentesting manuals given to Conti ransomware crooks
elprofesor123/CRTO
Certified Red Team Operator
elprofesor123/cset
Cybersecurity Evaluation Tool
elprofesor123/CVE-2021-1675
Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
elprofesor123/CVE-2021-1676
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
elprofesor123/CVE-2021-21551
Exploit to SYSTEM for CVE-2021-21551
elprofesor123/cvechecker
Command-line utility to scan the system and report on potential vulnerabilities, based on public CVE data
elprofesor123/ElectricEye
Continuously monitor your AWS services for configurations that can lead to degradation of confidentiality, integrity or availability. All results will be sent to Security Hub for further aggregation and analysis.
elprofesor123/hacker101
Source code for Hacker101.com - a free online web and mobile security class.
elprofesor123/Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
elprofesor123/kube-scan
kube-scan: Octarine k8s cluster risk assessment tool
elprofesor123/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
elprofesor123/og-aws
📙 Amazon Web Services — a practical guide
elprofesor123/Penetration-Testing-Tools
A collection of more than 140+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
elprofesor123/pimpmykali
Kali Linux Fixes for Newly Imported VM's
elprofesor123/Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
elprofesor123/prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
elprofesor123/public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
elprofesor123/report_examples
Example reports from prior years of the Collegiate Penetration Testing Competition
elprofesor123/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
elprofesor123/ScoutSuite
Multi-Cloud Security Auditing Tool
elprofesor123/sonar-scanner-cli
Scanner CLI for SonarQube and SonarCloud
elprofesor123/terraform-aws-secure-baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
elprofesor123/testssl.sh
Testing TLS/SSL encryption anywhere on any port
elprofesor123/UR-Cyber-Security-Red_vs_Blue
Assessment, Analysis, and Hardening of a vulnerable system. This report includes a Red Team Security Assessment, a Blue Team Log Analysis, and Hardening and Mitigation Strategies.
elprofesor123/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.