Pinned Repositories
5pillars
A guide on how to become an Information (or Cyber) Security Professional. With resources from free to expensive.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ADGenerator
Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.
AzureADAssessment
Tooling for assessing an Azure AD tenant state and configuration
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
badchars
Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.
blocksec-ctfs
A curated list of blockchain security Capture the Flag (CTF) competitions
DVWA
Damn Vulnerable Web Application (DVWA)
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
iamtecheater's Repositories
iamtecheater/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
iamtecheater/penetration-testing-cheat-sheet
Work in progress...
iamtecheater/Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
iamtecheater/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
iamtecheater/AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
iamtecheater/bettermap
Automated solution for nmap'ing
iamtecheater/BloodHound
Six Degrees of Domain Admin
iamtecheater/capital
A built-to-be-vulnerable API application based on the OWASP top 10 API vulnerabilities. Use c{api}tal to learn, train and exploit API Security vulnerabilities within your own API Security CTF.
iamtecheater/card-components
iamtecheater/CloudPeler
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing, and analyzing websites with the same server.
iamtecheater/CrackMapExec
A swiss army knife for pentesting networks
iamtecheater/katana
A next-generation crawling and spidering framework.
iamtecheater/linWinPwn
linWinPwn is a bash script that automates a number of Active Directory Enumeration and Vulnerability checks
iamtecheater/masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
iamtecheater/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
iamtecheater/nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
iamtecheater/objection
📱 objection - runtime mobile exploration
iamtecheater/PentestGPT
A GPT-empowered penetration testing tool
iamtecheater/Picture-Search
iamtecheater/Pos-System-React
iamtecheater/recox
Master script for web reconnaissance
iamtecheater/seasons--geolocation
iamtecheater/SecurityTesting
Scripts
iamtecheater/Sn1per
Attack Surface Management Platform | Sn1perSecurity LLC
iamtecheater/subfinder
Subfinder is a subdomain discovery tool that discovers valid subdomains for websites. Designed as a passive framework to be useful for bug bounties and safe for penetration testing.
iamtecheater/video-search
iamtecheater/Web-Security-Academy-Series
iamtecheater/wifite2
Rewrite of the popular wireless network auditor, "wifite"
iamtecheater/wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites.
iamtecheater/writehat
A pentest reporting tool written in Python. Free yourself from Microsoft Word.