hell0scp's repositories
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
arachni
Web Application Security Scanner Framework
assemblyline
AssemblyLine 4 - File triage and malware analysis
awesome-aws-security
Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security
awesome-azure-architecture
AWESOME-Azure-Architecture
awesome-forensics
A curated list of awesome forensic analysis tools and resources
awesome-incident-response
A curated list of tools for incident response
awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
awesome-rtc-hacking
a list of awesome resources related to security and hacking of VoIP, WebRTC and VoLTE
awesome-security-newsletters
Periodic cyber security newsletters that capture the latest news, summaries of conference talks, research, best practices, tools, events, vulnerabilities, and analysis of trending threats and attacks
awesome-web-hacking
A list of web application security
awesome-websocket-security
Awesome information for WebSockets security research
community-threats
The largest, public library of adversary emulation plans in JSON. A place to share custom SCYTHE threats with the community. #ThreatThursday
CyberThreatHunting
A collection of resources for Threat Hunters - Sponsored by Falcon Guard
fastfinder
Incident Response - Fast suspicious file finder
h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
hawk
Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
HoneySpot
A complete system to deploy functional Honeypots to all infrastructures that needs to be notified when something anomalous occur
Logout4Shell
Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
monkey
Infection Monkey - An automated pentest tool
osep-code-dump-2022
Code dump from PEN-300/OSEP updated 2022
PoC
Advisories, proof of concept files and exploits that have been made public by @pedrib.
RedTeam-OffensiveSecurity
Tools & Interesting Things for RedTeam Ops
sipvicious
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications.
Windows-Penetration-Testing
Technical notes and list of tools, scripts and Windows commands that I find useful during internal penetration tests..