#
royharoush
Follow
Lists (1)
Starred repositories
38
stars
written in HTML
Clear filter
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
A list of public penetration test reports published by several consulting firms and academic security groups.
Compilation of public failure/horror stories related to Kubernetes
Automagically reverse-engineer REST APIs via capturing traffic
Automate the creation of a lab environment complete with security tooling and logging best practices
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
Tools, tips, tricks, and more for exploring ICS Security.
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM
Active Directory and Internal Pentest Cheatsheets
A Nmap XSL implementation with Bootstrap.
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in gener…
Open-source pentesting management and automation platform by Salesforce Product Security
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
A library of pretexts to use on offensive phishing engagements.
Neet - Network Enumeration and Exploitation Tool
Code repository for Mastering Modern Web Penetration Testing, published by Packt