Self-hosted bug bounty programs that are "scammy" or unethical

POC for DLL Proxying / Hijacking

I am using these OSINT tools. This list include important domains of OSINT and their respective tools.

bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)

Docker container for Firefox

Microsoft signed ActiveDirectory PowerShell module

Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic

☁️ ⚡ Granular, Actionable Adversary Emulation for the Cloud

Collection of some of my own tools with other great open source tools out there packaged into a powershell module

Beginner Guide to Bug Hunting

Intercept Windows Named Pipes communication using Burp or similar HTTP proxy tools

A cheat sheet that contains advanced queries for SQL Injection of all types.

A repository of sysmon configuration modules

CTF writeups from me and my teammates

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907

Mirror of https://gitlab.com/malware-filter/urlhaus-filter

Code Exec via Excel

A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.

YARA signature and IOC database for my scanners and tools

Ransomware leak site monitoring

Simple volatility profile builder based on Docker container

OSWE, OSEP, OSED, OSEE

GH Archive is a project to record the public GitHub timeline, archive it, and make it easily accessible for further analysis.

Utility that can be used to decrypt HPQPswd encrypted passwords.

Re-play Security Events

Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.

This repo covers some code execution and AV Evasion methods for Macros in Office documents

A unique technique to execute binaries from a password protected zip

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

A fast TCP/UDP tunnel over HTTP