A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Reverse proxies cheatsheet

🇺🇦 Windows driver with usermode interface which can hide processes, file-system and registry objects, protect processes and etc

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Burp Bounty profiles compilation, feel free to contribute!

Sysl (pronounced "sizzle") is a system specification language

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.

💻🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

Security Scanner based on CIS benchmark 1.1 inspired by Scout2

Collection of reverse shells

Malicious Shortcut(.lnk) Generator

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Enumerate missing KBs and suggest exploits for useful Privilege Escalation vulnerabilities

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

A Python program to scrape secrets from GitHub through usage of a large repository of dorks.

🕵️‍♂️ Offensive Google framework.

Dll that can be used for side loading and other attack vector.

Solutions for Web Security Academy

⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡

Network Analysis Tool

pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)

PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.

Clientside vulnerability / reflected xss fuzzer

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on…

Smuggler - An HTTP Request Smuggling / Desync testing tool written in Python 3

A wrapper around grep, to help you grep for things

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

JavaScript security CLI that allow you to deeply analyze the dependency tree of a given package or local Node.js project.

collect for learning cases