2furlongs's starred repositories
CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
PENTESTING-BIBLE
articles
Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
tsunami-security-scanner
Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
evil-winrm
The ultimate WinRM shell for hacking/pentesting
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
Pwdb-Public
A collection of all the data i could extract from 1 billion leaked credentials from internet.
awesome-oneliner-bugbounty
A collection of awesome one-liner scripts especially for bug bounty tips.
Checklists
Red Teaming & Pentesting checklists for various engagements
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
ParamSpider
Mining URLs from dark corners of Web Archives for bug hunting/fuzzing/further probing
SubDomainizer
A tool to find subdomains and interesting things hidden inside, external Javascript files of page, folder, and Github.
Fast-Google-Dorks-Scan
The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.
github-search
A collection of tools to perform searches on GitHub.
default-http-login-hunter
Login hunter of default credentials for administrative web interfaces leveraging NNdefaccts dataset.
ShodanTools
Collection of scripts & fingerprinting tricks for Shodan.io
bash-hacks
Handy bash and python scripts for bug bounty hunting!
Cheat-Sheets
Various Cheat Sheets (e.g. Nmap, Metasploit, Common Ports, Subnetting, Wireshark, etc)