Pinned Repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ADCSKiller
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
cloud-sniper
Cloud Security Operations Orchestrator
Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
mitm6
pwning IPv4 via IPv6
r0secr01x's Repositories
r0secr01x/ai-exploits
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
r0secr01x/AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
r0secr01x/awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
r0secr01x/BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
r0secr01x/ExtPenPy
ExtPenPy is a tool that will help you finalizing your recon phase faster.
r0secr01x/gmapsapiscanner
r0secr01x/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
r0secr01x/HTB-certifiedCBBH
# HTB-certified-bug-bounty-hunter-exam-cheetsheet All cheetsheets with main information about CBBH role path in one place.
r0secr01x/Invoke-ADEnum
Automate Active Directory Enumeration
r0secr01x/jwt-secrets
r0secr01x/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
r0secr01x/OffensiveGolang
A collection of offensive Go packages inspired by different Go repositories.
r0secr01x/offensivesecurity
Scripts for offensive security
r0secr01x/OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
r0secr01x/Parasite-Invoke
Hide your P/Invoke signatures through other people's signed assemblies
r0secr01x/pentesting-cheatsheet
r0secr01x/pentesting_stuff
A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes on pentesting.
r0secr01x/PEzor
Open-Source Shellcode & PE Packer
r0secr01x/PlumHound
Bloodhound for Blue and Purple Teams
r0secr01x/PowershellTools
Powershell tools used for Red Team / Pentesting.
r0secr01x/PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
r0secr01x/RedTeam-Scenarios
A brief list of all the red teaming scenarios that can be easily used to validate your current company infrastructure. Scenarios are company agnostic but technology specific giving you complete autonomy to start off without much modification.
r0secr01x/Resources
r0secr01x/sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
r0secr01x/terra-fied
r0secr01x/tfsec
Tfsec is now part of Trivy
r0secr01x/UACME
Defeating Windows User Account Control
r0secr01x/Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
r0secr01x/Web_Hacking
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
r0secr01x/webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.