0nopnop's repositories
Adalanche
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
adPEAS
Powershell tool to automate Active Directory enumeration.
awesome-bugbounty-tools
A curated list of various bug bounty tools
CloudSecNotes
Cloud security and auditing notes
CSSR
Repository of practice, guides, list, and scripts to help with cyber security.
CVE-2023-21554-PoC
CVE-2023-21554 Windows MessageQueuing PoC,分析见 https://www.zoemurmure.top/posts/cve_2023_21554/
DidierStevensSuite
Please no pull requests for this repository. Thanks!
diva-android
DIVA Android - Damn Insecure and vulnerable App for Android
drozer
The Leading Security Assessment Framework for Android.
EDR-Preloader
An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
EDRSandblast-GodFault
EDRSandblast-GodFault
hackTheBox
Hackthebox weekly boxes writeups.
httprobe
Take a list of domains and probe for working HTTP and HTTPS servers
IOXIDResolver
IOXIDResolver.py from AirBus Security
krew
📦 Find and install kubectl plugins
kube-bench
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
KubiScan
A tool to scan Kubernetes cluster for risky permissions
LaZagne
Credentials recovery project
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
objection
📱 objection - runtime mobile exploration
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
PKINITtools
Tools for Kerberos PKINIT and relaying to AD CS
PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
powercat
netshell features all in version 2 powershell
PowerLessShell
Run PowerShell command without invoking powershell.exe
prowler
Prowler is an Open Source Security tool for AWS, Azure and GCP to perform Cloud Security best practices assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.
rakkess
Review Access - kubectl plugin to show an access matrix for k8s server resources
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
ruler
A tool to abuse Exchange services