boh's repositories
RedBlueNotes
Personal notes from Red teamer for Blue/Red/Purple.
awesome-lolbins-and-beyond
A curated list of awesome LOLBins, GTFO projects, and similar 'Living Off the Land' security resources.
Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
BurpSuiteCertifiedPractitioner
Ultimate Burp Suite Exam and PortSwigger Labs Guide.
CredGuess
Generate password spraying lists based on the pwdLastSet-attribute of users.
detection-and-response-pipeline
✨ A compilation of suggested tools/services for each component in a detection and response pipeline, along with real-world examples. The purpose is to create a reference hub for designing effective threat detection and response pipelines. 👷 🏗
devops-resources
DevOps resources - Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP
Evilginx-Phishing-Infra-Setup
Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs
Exploit-Street
Complete list of LPE exploits for Windows (starting from 2023)
gophish
Gophish with Malicious Attachment and HTTP redirect support
gowitness-cicd-example
A GitHub Actions Example for running gowitness
hardware-hacking
Some stuff about Hardware Hacking
Malware_Specimens
This GitHub repository contains benign specimens; however, the techniques demonstrated herein could potentially be exploited for malicious purposes. Exercise discretion and responsibility in their usage. I disclaim any liability for actions resulting from your utilization of this content.
Microsoft-eventlog-mindmap
Set of Mindmaps providing a detailed overview of the different #Microsoft auditing capacities for Windows, Exchange, Azure,...
n0kovo_subdomains
An extremely effective subdomain enumeration wordlist of 3,000,000 lines, crafted by harvesting SSL certs from the entire IPv4 space.
Offensivesecurity-Checklists
Checklists for Testing Security environment
OSCE3-Complete-Guide
OSWE, OSEP, OSED, OSEE
PMAT-labs
Labs for Practical Malware Analysis & Triage
precompiled-binaries
Collection of useful pre-compiled .NET binaries or other executables for penetration testing Windows Active Directory environments
Proxy-Attackchain
proxylogon & proxyshell & proxyoracle & proxytoken & all exchange server vulns summarization :)
report_malware_public
Reporting malware
security-study-plan
Complete Practical Study Plan to become a successful cybersecurity engineer based on roles like Pentest, AppSec, Cloud Security, DevSecOps and so on...
Threat-Hunting-and-Detection
Repository for threat hunting and detection queries, etc. for Defender for Endpoint and Microsoft Sentinel in KQL(Kusto Query Language).
tinystatus
Tiny status page generated by a Python script
vulnerability-Checklist
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
vulnhuntr
Zero shot vulnerability discovery using LLMs