HoangTV20's repositories
.NET-Obfuscator
Lists of .NET Obfuscator (Free, Freemium, Paid and Open Source )
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Red-Teaming-Toolkit
A collection of open source and commercial tools that aid in red team operations.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
Azure-Red-Team
Azure Security Resources and Notes
bytecode-viewer
A Java 8+ Jar & Android APK Reverse Engineering Suite (Decompiler, Editor, Debugger & More)
chisel
A fast TCP/UDP tunnel over HTTP
chromedp
A faster, simpler way to drive browsers supporting the Chrome DevTools Protocol.
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
GDA-android-reversing-Tool
the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy leaking detection, vulnerability detection, path solving, packer identification, variable tracking, deobfuscation, python&java scripts, device memory extrac
ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
gophish
Open-Source Phishing Toolkit
Invoke-PSObfuscation
An in-depth approach to obfuscating the individual components of a PowerShell payload whether you're on Windows or Kali Linux.
jadx
Dex to Java decompiler
Kunyu
Kunyu, more efficient corporate asset collection
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Neo-reGeorg
Neo-reGeorg is a project that seeks to aggressively refactor reGeorg
Nope-Proxy
TCP/UDP Non-HTTP Proxy Extension (NoPE) for Burp Suite.
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stowaway
đź‘»Stowaway -- Multi-hop Proxy Tool for pentesters
uro
declutters url lists for crawling/pentesting
webshells
Various webshells. We accept pull requests for additions to this collection.
WSO2RCE
CVE-2022-29464 Exploit