Abouzar Parvan's starred repositories
SmartContracts-audit-checklist
A checklist of things to look for when auditing Solidity smart contracts.
awesome-oracle-manipulation
Awesome list of all things oracle manipulation. Creating to help spread a better understanding of oracles and oracle manipulation.
open-source-web-scanners
A list of open source web security scanners
sigma_to_wazuh
Convert Sigma rules to Wazuh rules
PowerUpSQL
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server
Stormspotter
Azure Red Team tool for graphing Azure and Azure Active Directory objects
GCP-IAM-Privilege-Escalation
A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.
cloudsploit
Cloud Security Posture Management (CSPM)
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
HostRecon
This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
ScoutSuite
Multi-Cloud Security Auditing Tool
cloud_enum
Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.
MicroBurst
A collection of scripts for assessing Microsoft Azure security
MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
SharpBlock
A method of bypassing EDR's active projection DLL's by preventing entry point exection