thebagholder's Stars
WKL-Sec/Malleable-CS-Profiles
A list of python tools to help create an OPSEC-safe Cobalt Strike profile.
cornfields/Yara_3dc22d14_bypass
Effectively bypassing Windows_Trojan_CobaltStrike_3dc22d14.
secnnet/CrowdStrike-Falcon-Search-Queries
chvancooten/maldev-for-dummies
A workshop about Malware Development
paralax/awesome-honeypots
an awesome list of honeypot resources
snowsnoot/unifi-unvr-arm64
UniFi UNVR with UniFi Protect for ARM64
L-o-s/Walgreens-SubGHz-FlipperZero
As a person who doesn't live far and live in a crazy neighborhood I was able to expand my Walgreens list a little and would love to share it with the people
guyinatuxedo/nightmare
Netflix-Skunkworks/riskquant
bluscreenofjeff/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
RogueMaster/awesome-flipperzero-withModules
A collection of awesome resources & modules for the Flipper Zero device. Best used with Rogue Master Flipper Zero Custom Firmware.
insecurityofthings/jackit
JackIt - Exploit Code for Mousejack
0xJs/RedTeaming_CheatSheet
Pentesting cheatsheet with all the commands I learned during my learning journey. Will try to to keep it up-to-date.
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
GhostManager/Ghostwriter
The SpecterOps project management and reporting engine
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
payloadbox/sql-injection-payload-list
🎯 SQL Injection Payload List
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
safebuffer/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
clong/DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
Kris-Sekula/UCS-KVM
Some tips on getting into a UCS KVM without Adobe Flash Installed
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
stealthcopter/deepce
Docker Enumeration, Escalation of Privileges and Container Escapes (DEEPCE)
OTRF/Security-Datasets
Re-play Security Events
theonlykernel/EasyEnumeration
GossiTheDog/scanning
SCILabsMX/yaraZeekAlert
This script scans the files extracted by Zeek with YARA rules located on the rules folder on a Linux based Zeek sensor, if there is a match it sends email alerts to the email address specified in the mailTo parameter on yaraAlert.conf file. The alert includes network context of the file transfer and attaches the suspicious file if it is less than 10 MB. Alerted files are copied locally to the alerted files folder.
RoganDawes/P4wnP1
P4wnP1 is a highly customizable USB attack platform, based on a low cost Raspberry Pi Zero or Raspberry Pi Zero W.
VoidSec/CVE-2020-1472
Exploit Code for CVE-2020-1472 aka Zerologon