Chí Hoàng Cao's starred repositories
CashCatRansomwareSimulator
A simple windows ransomware simulator that will rename .TXT files a ransomware extension to simulate ransomware behavior for testing various monitoring tools
API-Threat-Matrix
A comprehensive knowledge base for security professionals to keep track of and build defenses against API attack techniques.
C2_INFRA_WORKSHOP_DEFCON32_RED_TEAM_VILLAGE
C2 Infrastructure Automation
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
Cheatsheets
A collection of all my personal cheat sheets and guides as I progress through my career in offensive security.
hacking-methodologyNotes
Notes, research, and methodologies for becoming a better hacker. Knowledge should be free.
OPSEC-Tradecraft
Collection of OPSEC Tradecraft and TTPs for Red Team Operations
AzureAD-Pentest
AzureAD Pentest (CAWASP alike)
AzureAD-Pentest
AzureAD Pentest
Breaching_the_cloud_cheatsheet
MultiCLoud Attack
Cheatsheets-RED-TEAM-
RTO and RTL cheatsheet
CRTP-Notes
Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing
bugbounty-cicd
A set of Gitlab pipelines and Github workflows to automate and ease on BugBounty and Penetration Testing engagements
Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
HackAllTheThings
My personal repertoire of technology and security-related notes.(Ngon)
DeFiHackLabs
Reproduce DeFi hacked incidents using Foundry and Web3 sec
WebSecurity-Academy-with-Python
Scripts for solving WebSecurity Academy labs of PortSwigger using Python
WebSecurity-Academy-with-Rust
Scripts for solving WebSecurity Academy labs of PortSwigger using Rust
Sec-Cheatsheets
Cheatsheets on security vulnerabilities and exploits.
CTF-pwn-tips
Here record some tips about pwn. Something is obsoleted and won't be updated. Sorry about that.
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Bug_Bounty_Notes
A collection of notes for bug bounty hunting
Solidity-Attack-Vectors
This Repository contains list of Common Solidity SmartContract Attack Vectors. If you find any attack vectors missing, you call create a pull request and be a contributor of the project.
Web-Fuzzing-Box
Web Fuzzing Box - Web 模糊测试字典与一些Payloads,主要包含:弱口令暴力破解、目录以及文件枚举、Web漏洞...字典运用于实战案例:https://gh0st.cn/archives/2019-11-11/1