devkw's repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
awesome-forensics
A curated list of awesome forensic analysis tools and resources
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
awesome-incident-response
A curated list of tools for incident response
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
awesome-vehicle-security
🚗 A curated list of resources for learning about vehicle security and car hacking.
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
exploitdb
The official Exploit Database repository
exploitdb-bin-sploits
Exploit Database binary exploits located in the /sploits directory
h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Infosec_Reference
An Information Security Reference That Doesn't Suck
osce-note
OSCE Note
OSCP-Exam-Report-Template-Markdown
OSCP Exam Report Template in Markdown
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
poc-1
Proof of Concepts
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
prowler
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
shellcode-1
Shellcodes for Windows/Linux/BSD running on x86, AMD64, ARM, ARM64
Threat-Remediation-Scripts
This repository contains a list of new remediation scripts.
Veil-Evasion
Veil-Evasion is a tool used to generate payloads that bypass antivirus solutions