br3ach3r-fff's repositories
bzar
A set of Zeek scripts to detect ATT&CK techniques.
commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@fireeye.com
Infosec_Reference
An Information Security Reference That Doesn't Suck
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
Pentest-Tools-1
Some random tools I use for penetration testing
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
privilege-escalation-awesome-scripts-suite
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
impacket
Impacket is a collection of Python classes for working with network protocols.
PrivescCheck
Privilege Escalation Enumeration Script for Windows
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
GTFOBins.github.io
Curated list of Unix binaries that can be exploited to bypass system security restrictions
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
ghidra
Ghidra is a software reverse engineering (SRE) framework
sqlmap
Automatic SQL injection and database takeover tool
Privilege-Escalation
This cheasheet is aimed at the CTF Players and Beginners to help them understand the fundamentals of Privilege Escalation with examples.
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
exploitdb-bin-sploits
Exploit Database binary exploits located in the /sploits directory
exploitdb
The official Exploit Database repository
exploitdb-papers
exploit-database-papers
LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
mimikatz
A little tool to play with Windows security
detection-hackathon-apt29
Place for resources used during the Mordor Detection hackathon event featuring APT29 ATT&CK evals datasets
linuxprivchecker
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
PhreeBooksERP
PhreeBooks Open Source ERP
Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet