burnnotice's repositories
Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
VBS-Macro-XOR-Generator
VBS-Macro-XOR-Generator is a Python tool for XOR+Ceasar encoding of shellcodes for penetration testing. It automates payload generation, modification, encoding, and sets up a Metasploit handler, ideal for OSEP challenges and exams.
P5hellG3n
This script generates a PowerShell reverse shell command that bypasses execution policies and is base64 encoded. The generated shell command establishes a TCP connection to a provided IP and port, and executes any received commands. This script can be useful in penetration testing scenarios where shell access to a target machine is required.
BinXORer
This script automates the process of generating, encrypting, and injecting reverse HTTPS shellcode into a C# program. It further compiles the updated code and sets up a Metasploit listener for incoming connections. Designed for cybersecurity research and penetration testing purposes.
AutoMSF
AutoMSF is a Python script designed for fast generation and deployment of multiple types of Meterpreter reverse_https payloads. Created to aid in OSEP challenges and exams, it generates C#, EXE, VBS, and PS1 payloads, prepares obfuscated PowerShell commands for execution, and sets up a Metasploit listener for incoming connections.
ASPX-Shellcode-Caesar-Generator
ASPX Shellcode Ceasar Encrypted Generator is a Python script automating shellcode generation, embedding, encryption, and execution in an ASP.NET webshell for penetration testing. This tool streamlines tasks for OSEP challenges, creating encoded shellcodes using user-provided LHOST and LPORT, and setting up Metasploit handlers.
SharpTerminator
Terminate AV/EDR Processes using kernel driver
ocd-mindmaps
Orange Cyberdefense mindmaps
KerberOPSEC
OPSEC safe Kerberoasting in C#
AWS-Threat-Simulation-and-Detection
Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic
KrbRelayUp
KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).
ScoutSuite
Multi-Cloud Security Auditing Tool
Beta
Beta versions of my software
StopDefender
Stop Windows Defender programmatically
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
nmap-bootstrap-xsl
A Nmap XSL implementation with Bootstrap.
send
Simple, private file sharing from the makers of Firefox
InvisibilityCloak
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
OffensivePipeline
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
Kubernetes-Certified-Administrator
Online resources that will help you prepare for taking the CNCF CKA 2020 "Kubernetes Certified Administrator" Certification exam. with time, This is not likely the comprehensive up to date list - please make a pull request if there something that should be added here.
policy_sentry
IAM Least Privilege Policy Generator
endgame
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
bridgecrew-action
This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.
checkov
Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.