Pinned Repositories
5pillars
A guide on how to become an Information (or Cyber) Security Professional. With resources from free to expensive.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ADGenerator
Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.
AzureADAssessment
Tooling for assessing an Azure AD tenant state and configuration
BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
badchars
Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.
blocksec-ctfs
A curated list of blockchain security Capture the Flag (CTF) competitions
DVWA
Damn Vulnerable Web Application (DVWA)
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
iamtecheater's Repositories
iamtecheater/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
iamtecheater/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
iamtecheater/ADGenerator
Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.
iamtecheater/AzureADAssessment
Tooling for assessing an Azure AD tenant state and configuration
iamtecheater/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
iamtecheater/DVWA
Damn Vulnerable Web Application (DVWA)
iamtecheater/External-Pentest-Checklist
iamtecheater/FinalRecon
The Last Web Recon Tool You'll Need
iamtecheater/GOAD
game of active directory
iamtecheater/hoaxshell
An unconventional Windows reverse shell, currently undetected by Microsoft Defender and various other AV solutions, solely based on http(s) traffic.
iamtecheater/juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
iamtecheater/mitm6
pwning IPv4 via IPv6
iamtecheater/OSCP
OSCP Guide
iamtecheater/pagodo
pagodo (Passive Google Dork) - Automate Google Hacking Database scraping and searching
iamtecheater/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
iamtecheater/PersistAssist
Fully modular persistence framework
iamtecheater/pimpmyadlab
TCM PEH Course AD Lab Build Script (Hydra-DC, Punisher-Workstation, Spiderman-Workstation)
iamtecheater/pimpmykali
Kali Linux Fixes for Newly Imported VM's
iamtecheater/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
iamtecheater/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
iamtecheater/TCM-Security-Sample-Pentest-Report
Sample pentest report provided by TCM Security
iamtecheater/Windows-WiFi-Extractor
Extract Windows Wi-Fi Passwords to Remote URL
iamtecheater/bhg
Code samples for No Starch Press Black Hat Go
iamtecheater/crowdsec
CrowdSec - the open-source and participative IPS able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network.
iamtecheater/CVE-2022-40684
A proof of concept exploit for CVE-2022-40684 affecting Fortinet FortiOS, FortiProxy, and FortiSwitchManager
iamtecheater/DIce-Roller
Coding Exercise
iamtecheater/Fortigate
Extract Useful info from SSL VPN Directory Traversal Vulnerability (FG-IR-18-384)
iamtecheater/gin-framework
Gin is a HTTP web framework written in Go (Golang). It features a Martini-like API with much better performance -- up to 40 times faster. If you need smashing performance, get yourself some Gin.
iamtecheater/nmapAutomator
A script that you can run in the background!
iamtecheater/patator
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.