yazzzuk's Stars
shockdesign/terminal-wordpress-theme
CLI Terminal Theme for Wordpress
cdleon/awesome-terminals
Terminal Emulators
sa7mon/S3Scanner
Scan for misconfigured S3 buckets across S3-compatible APIs!
davisanc/AzureSecurityLabs
Hands-on Security Labs focused on Azure IaaS Security
0xJs/CARTP-cheatsheet
Azure AD cheatsheet for the CARTP course
swisskyrepo/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
silverhack/monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Hacking-Notes/RedTeam
This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.
juice-shop/multi-juicer
Host and manage multiple Juice Shop instances for security trainings and Capture The Flags
center-for-threat-informed-defense/security-stack-mappings
🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.
kubernetes/sig-security
Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security
magnologan/awesome-k8s-security
A curated list for Awesome Kubernetes Security resources
LeonardoE95/OSCP
Knowledge for OSCP
nicocha30/ligolo-ng
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
madhuakula/kubernetes-goat
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
RyanJarv/awesome-cloud-sec
Awesome list for cloud security related projects
carlospolop/PurplePanda
Identify privilege escalation paths within and across different clouds
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
inguardians/peirates
Peirates - Kubernetes Penetration Testing tool
ustayready/ShredHound
Small utility to chunk up a large BloodHound JSON file into smaller files for importing.
SpecterOps/AzureHound
Azure Data Exporter for BloodHound
dafthack/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
dafthack/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
dafthack/Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
dafthack/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
dafthack/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
dafthack/GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
dafthack/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
hausec/PowerZure
PowerShell framework to assess Azure security