mbarham's Stars
nickvourd/Windows-Local-Privilege-Escalation-Cookbook
Windows Local Privilege Escalation Cookbook
tandasat/Hypervisor-101-in-Rust
The materials of "Hypervisor 101 in Rust", a one-day long course, to quickly learn hardware-assisted virtualization technology and its application for high-performance fuzzing on Intel/AMD processors.
snoopysecurity/awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions
DustinBrett/daedalOS
Desktop environment in the browser
cyberark/MITM_Intercept
A little bit less hackish way to intercept and modify non-HTTP protocols through Burp & others.
SamuraiWTF/samuraiwtf
The main SamuraiWTF collaborative distro repo.
ProfessionallyEvil/pewapt101
Professionally Evil Web Application Penetration Testing 101
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
imran-parray/Mind-Maps
Mind-Maps of Several Things
halencarjunior/BugBuntu
BugBuntu Linux
yadox666/The-Hackers-Hardware-Toolkit
The best hacker's gadgets for Red Team pentesters and security researchers.
ps1337/haxxor-tools
Pentesting resources
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
PentHertz/5GC_API_parse
A BurpSuite extension to parse 5GC NF OpenAPI 3.0 files to assess 5G core networks
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Impact-I/x8-Burp
Hidden parameters discovery suite
tomnomnom/waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
bing0o/SubEnum
bash script for Subdomain Enumeration
m4b/bingrep
like ~~grep~~ UBER, but for binaries
SecurityInnovation/Holodeck
Holodeck is a Fault Injection tool for testing Windows binaries and .NET applications. Holodeck utilizes fault-injection techniques to introduce the application to simulated scenarios that arise as the result of "broken" environments, such as out of memory conditions, corrupt files, bad registry data, or corrupted network packets.
pentestmonkey/unix-privesc-check
Automatically exported from code.google.com/p/unix-privesc-check
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
sneakerhax/TTPs
Red Team Tactics, Techniques, and Procedures
dloss/python-pentest-tools
Python tools for penetration testers
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
MunGell/awesome-for-beginners
A list of awesome beginners-friendly projects.
The-Z-Labs/linux-exploit-suggester
Linux privilege escalation auditing tool