Amr-Hamza's repositories
Advanced-SQL-Injection-Cheatsheet
A cheat sheet that contains advanced queries for SQL Injection of all types.
AllAboutBugBounty
All about bug bounty (bypasses, payloads, and etc)
Amsi_Bypass_In_2023
Amsi Bypass payload that works on Windwos 11
Application-Security
Resources for Application Security including Web, API, Android, iOS and Thick Client
arsenal1
Arsenal is just a quick inventory and launcher for hacking programs
BloodHound.py
A Python based ingestor for BloodHound
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
chisel
A fast TCP/UDP tunnel over HTTP
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
CrackMapExec
A swiss army knife for pentesting networks
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
dnschef-ng
DNSChef (NG) - DNS proxy for Penetration Testers and Malware Analysts
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Frida-Labs
The repo contains a series of challenges for learning Frida for Android Exploitation.
HowToHunt
Collection of methodology and test case for various web vulnerabilities.
LaZagne
Credentials recovery project
mimikatz
A little tool to play with Windows security
mssqlrelay
Tool for MSSQL relay audit and abuse
Mythic
A collaborative, multi-platform, red teaming framework
Nemesis
An offensive data enrichment pipeline
OSCP-Cheatsheet
OSCP Cheatsheet by Sai Sathvik
Pentest-Cheat-Sheets
A collection of snippets of codes and commands to make your life easier!
project-based-learning
Curated list of project-based tutorials
psgetsystem
getsystem via parent process using ps1 & embeded c#
PsMapExec
A PowerShell tool that takes strong inspiration from CrackMapExec.
SSRFmap
Automatic SSRF fuzzer and exploitation tool
the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
WTSImpersonator
WTSImpersonator utilizes WTSQueryUserToken to steal user tokens by abusing the RPC Named Pipe "\\pipe\LSM_API_service"
x64dbg
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.