Stars
PEN-300 collection to help you on your exam.
b4rdia / HackTricks
Forked from HackTricks-wiki/hacktricksWelcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
Process Hollowing (Malware Technique)
Six Degrees of Domain Admin
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world.…
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.
A list of command-line tools for manipulating structured text data
📡 PoC auto collect from GitHub.
CVE-2020-0688_EXP Auto trigger payload & encrypt method
Various *nix tools built as statically-linked binaries
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
Pentest dropbox setup scripts for Kali Linux
Vulnerable server used for learning software exploitation
netshell features all in version 2 powershell
Confluence Widget Connector path traversal (CVE-2019-3396)
Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
🤘 The biggest collection of themes for Terminator terminal.
CTF framework and exploit development library
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…