dyetto's repositories
SantaRat
A remote access trojan to use against Santa's laptop!
SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
ffuf
Fast web fuzzer written in Go
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
websitesVulnerableToSSTI
Simple websites vulnerable to Server Side Template Injections(SSTI)
xxelab
A simple web app with a XXE vulnerability.
cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
awesome-yara
A curated list of awesome YARA rules, tools, and people.
PEzor
Open-Source Shellcode & PE Packer
awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
ShellcodeFluctuation
An advanced in-memory evasion technique fluctuating shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
AWS-Keywords
Keywords of AWS & Related Services you can use for various activities like studying, flashcards or games
xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
AzureAD_Autologon_Brute
Brute force attack tool for Azure AD Autologon/Seamless SSO - Source: https://arstechnica.com/information-technology/2021/09/new-azure-active-directory-password-brute-forcing-flaw-has-no-fix/
github-dorks
Find leaked secrets via github search
aad-sso-enum-brute-spray
POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln
windows_hardening
Windows Hardening settings and configurations
terraform-provider-aws
Terraform AWS provider
BlackWidow
A Python based web application scanner to gather OSINT and fuzz for OWASP vulnerabilities on a target website.
FSEC-VM
Vulnerability Management System, being developed in the Republic of Belarus
bypass-403
A simple script just made for self use for bypassing 403
aws-cloudformation-templates
A collection of useful CloudFormation templates
AzureAD-Attack-Defense
This publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.
houndsploit
An advanced graphical search engine for Exploit-DB