Lior Ethan's repositories
Offensive-Security-OSCP-Cheatsheets-1
OSCP Cheatsheets, Pentesting Cheathseets, Red Team Attacking Tools and Techniques, Offensive Security Tips
Awesome-Cellular-Hacking
Awesome-Cellular-Hacking
cheatsheets-4
My cheatsheets
api_wordlist
A wordlist of API names for web application assessments
APISecurityBestPractices
Resources to help you keep secrets (API keys, database credentials, certificates, ...) out of source code and remediate the issue in case of a leaked API key. Made available by GitGuardian.
Astra
Automated Security Testing For REST API's
AttackDetection
Attack Detection
awesome-kubernetes-security
A curated list of awesome Kubernetes security resources
dcrawl
Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
docem
Uility to embed XXE and XSS payloads in docx,odt,pptx,etc (OXML_XEE on steroids)
dockerscan
Docker security analysis & hacking tools
EvilClippy
A cross-platform assistant for creating malicious MS Office documents. Can hide VBA macros, stomp VBA code (via P-Code) and confuse macro analysis tools. Runs on Linux, OSX and Windows.
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
gauntlt
a ruggedization framework that embodies the principle "be mean to your code"
hardening
Hardening Ubuntu. Systemd edition.
injection
Windows process injection methods
jenkins-rce
:smiling_imp: Jenkins RCE PoC. From unauthenticated user to remote code execution, it's a hacker's dream!
kubernetes-security-best-practice
Kubernetes Security - Best Practice Guide
malleable-c2
Cobalt Strike Malleable C2 Design and Reference Guide
Malleable-C2-Profiles-Collection
A collection of Malleable C2 profiles that work with Cobalt Strike 3.x.
objection
📱 objection - runtime mobile exploration
RDPassSpray
Python3 tool to perform password spraying using RDP
recursebuster
rapid content discovery tool for recursively querying webservers, handy in pentesting and web application assessments
RedHunt-OS
Virtual Machine for Adversary Emulation and Threat Hunting
security_w1k1
collect
storm-crawler
Scalable web crawler based on Apache Storm
TheFatRat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack,dll . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
threat-model-cookbook
This project is about creating and publishing threat model examples.
Windows-Privilege-Escalation
Windows Privilege Escalation Techniques and Scripts