devkw's repositories
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
OSCP-Exam-Report-Template-Markdown
OSCP Exam Report Template in Markdown
osce-note
OSCE Note
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
awesome-vehicle-security
🚗 A curated list of resources for learning about vehicle security and car hacking.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
prowler
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
awesome-incident-response
A curated list of tools for incident response
shellcode-1
Shellcodes for Windows/Linux/BSD running on x86, AMD64, ARM, ARM64
PoC
Proofs-of-concept
poc-1
Proof of Concepts
exploitdb
The official Exploit Database repository
exploitdb-bin-sploits
Exploit Database binary exploits located in the /sploits directory
awesome-cybersecurity-blueteam
:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.
Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Veil-Evasion
Veil-Evasion is a tool used to generate payloads that bypass antivirus solutions
PowerSploit
PowerSploit - A PowerShell Post-Exploitation Framework
mimikatz
A little tool to play with Windows security
Infosec_Reference
An Information Security Reference That Doesn't Suck
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
Threat-Remediation-Scripts
This repository contains a list of new remediation scripts.
awesome-forensics
A curated list of awesome forensic analysis tools and resources
adversary_emulation_library
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Digital-Forensics-Guide
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.