Pinned Repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
AboutSecurity
A list of payload and bypass lists for penetration testing and red team infrastructure build.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Active-Directory-Exploitation-Cheat-Sheet-1
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
AllThingsSSRF
This is a collection of writeups, cheatsheets, videos, books related to SSRF in one single location
Anti-DDOS
🔒 Anti DDOS | Bash Script Project 🔒
exploitdb-papers
exploit-database-papers
kingofthebeat's Repositories
kingofthebeat/arttoolkit.github.io
A RedTeam Toolkit
kingofthebeat/AzureADRoleMonitor
kingofthebeat/BurpSuiteCertifiedPractitioner
Ultimate Burp Suite Exam and PortSwigger Labs Guide.
kingofthebeat/clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
kingofthebeat/CSC-RedOps
HTU Cyber Security Club, Offensive Operations Section ( Red Team ) learning pathway
kingofthebeat/CTFd
CTFs as you need them
kingofthebeat/Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
kingofthebeat/Direct-Syscalls-A-journey-from-high-to-low
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
kingofthebeat/dufflebag
Search exposed EBS volumes for secrets
kingofthebeat/exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
kingofthebeat/Fud-Reverse-Shell
Undetected Reverse Shell
kingofthebeat/gapps
Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://web-gapps.pages.dev
kingofthebeat/graphql-wordlist
The only graphql wordlists you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
kingofthebeat/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
kingofthebeat/learning-reverse-engineering
This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.
kingofthebeat/LOLDrivers
Living Off The Land Drivers
kingofthebeat/Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes
kingofthebeat/OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
kingofthebeat/OSED
Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)
kingofthebeat/PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
kingofthebeat/PS4_PS5-ESP8266-Server
A WebServer+Wifi Repeater+Fake DNS Server to Host PS4/PS5 Exploits on ESP8266
kingofthebeat/RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
kingofthebeat/RedWizard
kingofthebeat/saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
kingofthebeat/SecretOpt1c
SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!
kingofthebeat/secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
kingofthebeat/server-side-prototype-pollution
SSPPG
kingofthebeat/VAmPI
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing
kingofthebeat/Windows-Penetration-Testing
Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests
kingofthebeat/ZeusCloud
Open Source Cloud Security