BrianSandro's repositories
31-days-of-API-Security-Tips
This challenge is Inon Shkedy's 31 days API Security Tips.
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
api-pentesting
API Pentesting notes.
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
bluekeep_CVE-2019-0708_poc_to_exploit
Porting BlueKeep PoC from @Ekultek to actual exploits
CVE-2019-0709
Scanner PoC for CVE-2019-0708 RDP RCE vuln
CVE-2019-19781
CVE-2019-19781 - Remote Code Execution on Citrix ADC Netscaler exploit
Dr.-Watson
Dr. Watson is a simple Burp Suite extension that helps find assets, keys, subdomains, IP addresses, and other useful information! It's your very own discovery side kick, the Dr. Watson to your Sherlock!
Everything-OSCP
Custom checklists, cheatsheets, links, and scripts
findomain
The fastest and cross-platform subdomain enumerator, don't waste your time.
fuzz.txt
Potentially dangerous files
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
HiddenEye
Modern Phishing Tool With Advanced Functionality [ Android-Support-Available ]
Internal-Network-Pentest-MindMap
MindMap of common Internal Network Pentest workflow and commands.
Internal-Pentest-Playbook
Internal Network Penetration Test Playbook
MobileHackingCheatSheet
Basics on commands/tools/info on how to assess the security of mobile applications
OSCP-Notes
preparing for OSCP test
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
rapidscan
:new: The Multi-Tool Web Vulnerability Scanner.
stride-gpt
An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
Tiny-XSS-Payloads
A collection of tiny XSS Payloads that can be used in different contexts.