@MobileFrank's repositories
blackhat-python3
Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues of dependency resolution involving deprecated modules.
api_wordlist
A wordlist of API names for web application assessments
attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
AutoRecon-Tib3rius
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
Awesome-Bugbounty-Writeups
A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference
CloudPentestCheatsheets
This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.
the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
ThreatHunter-Playbook
A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns.
awesome-threat-detection
A curated list of awesome threat detection and hunting resources
cloud-sniper
Virtual Security Operations Center
cloud-sniper-1
Cloud Security Operations
CRT
Contact: CRT@crowdstrike.com
CTF-notes-1-Shiva108
Everything needed for doing CTFs by Shiva108
DeTTECT
Detect Tactics, Techniques & Combat Threats
domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
Flipper-IRDB
A collective of different IRs for the Flipper
Internal-Pentest-Playbook
Internal Network Penetration Test Playbook
MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
purple-team-exercise-framework
Purple Team Exercise Framework
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
Security-Testing-Handbook
Stuff about it-security that might be good to know
Serpico
SimplE RePort wrIting and COllaboration tool
SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient
tools-hacker-tools
A collection of pen-testing/hacking scripts. Various uses.
wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.