Doanh Nguyen's repositories
Log4j2-CVE-2021-44228
Remote Code Injection In Log4j
RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
all-about-apikey
Detailed information about API key / Oauth token (Description, Request, Response, Regex, Example)
android_app_security_checklist
Android App Security Checklist_Pentest
APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
BotPEASS
Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.
CB-Threat-Hunting
CarbonBlack EDR detection rules and response actions
certthreat_brand_phishing
CERT Transparency Log Monitoring for brand names and mailing domain names to detect phishing and brand impersonations
cloudfox
Automating situational awareness for cloud penetration tests.
cvelistV5
CVE cache of the official CVE List in CVE JSON 5.0 format
DorkingDB
Collection of dorking-related resources. Dorks lists, Cheatsheets, Articles, Databases. Google, Yahoo, Yandex, Bing, Baidu, DuckDuckGo, Brave, Ecosia.
hayabusa
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
Incident-Response-Powershell
PowerShell Digital Forensics & Incident Response Scripts.
j0lt-ddos-tool
Brutally effective DNS amplification ddos attack tool. Can cripple a target machine from a single host. Use with extreme caution.
Log4j-RCE-Scanner
Remote command execution vulnerability scanner for Log4j.
MC_OCR
Solution for MC_OCR competition
mhn
Modern Honey Network
mortar
Bypass evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)
ProxyVulns
[ProxyLogon] CVE-2021-26855 & CVE-2021-27065 Fixed RawIdentity Bug Exploit. [ProxyOracle] CVE-2021-31195 & CVE-2021-31196 Exploit Chains. [ProxyShell] WaitForUpdate
scan4all
Vulnerabilities Scan;15000+PoC漏洞扫描;20种应用密码爆破;7000+Web指纹;146种协议90000+规则Port扫描;Fuzz、HW打点、BugBounty神器...
shhgit
Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories: www.shhgit.com
ThreatIntelligenceDiscordBot
Gets updates from various clearnet domains and ransomware threat actor domains
TI-Mindmap-GPT
AI-powered tool designed to help producing Threat Intelligence Mindmap.
trs
🔭 Threat report analysis via LLM and Vector DB
VMware_vCenter
VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS
WAF-bypass-xss-payloads
XSS payloads for bypassing WAF. This repository is updating continuously.
webapp-wordlists
This repository contains wordlists for each versions of common web applications and content management systems (CMS). Each version contains a wordlist of all the files directories for this version.