krlabs's Stars
andrettv/WSTG
Russian translation of OWASP Web Security Testing Guide (WSTG) Project produces the premier cybersecurity testing resource for web application developers and security professionals.
beefproject/beef
The Browser Exploitation Framework Project
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
1ndianl33t/Gf-Patterns
GF Paterns For (ssrf,RCE,Lfi,sqli,ssti,idor,url redirection,debug_logic, interesting Subs) parameters grep
krlabs/UA_Team_Shell
UA Team Web Shell
cr1f/writeups
some thoughts
0x6rss/WhatsApp-extension-manipulation-PoC
Android malware (.apk) can be spread through a fake PDF document by manipulating the file extension in the WhatsApp application. PoC is available in this repo
erwanlr/wordpress_plugin_security_testing_cheat_sheet
WordPress Plugin Security Testing Cheat Sheet
zerossl/zerossl-bot
The repository for the ZeroSSL certbot wrapper
opendns/pyinvestigate
Python module to interface with the OpenDNS Investigate API
ring0lab/catphish
CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.
WordPress/Security-White-Paper
The WordPress Security White Paper, available directly on the WordPress.org site at https://wordpress.org/about/security/
AresValley/Artemis
Radio Signals Recognition Manual
OWASP/Top10
Official OWASP Top 10 Document Repository
OWASP/www-project-top-ten
OWASP Foundation Web Respository
WithSecureLabs/C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
EmpireProject/Empire
Empire is a PowerShell and Python post-exploitation agent.
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
its-a-feature/Mythic
A collaborative, multi-platform, red teaming framework
cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
societyinforisk/blog
SIRA blog
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
CyberSecurityUP/PenTest-Consulting-Creator
Repository with some necessary information for you to create your PenTest consultancy
CyberSecurityUP/Red-Team-Management
Genymobile/scrcpy
Display and control your Android device
aschot-myan/Rashr
Rashr - Flash your device from your device - Android App
alexandreborges/malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
dfir-it/unsapien
Python script to extract embedded data from binaries generated by SAPIEN Script Packager
dfir-it/supreme-backdoor-factory
This repository contains additional files mentioned in the blog post
emposha/Shell-Detector
Shell Detector – is a application that helps you find and identify php/cgi(perl)/asp/aspx shells. Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%.