kingofthebeat

arttoolkit.github.io

A RedTeam Toolkit

AzureADRoleMonitor

BurpSuiteCertifiedPractitioner

Ultimate Burp Suite Exam and PortSwigger Labs Guide.

clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

CSC-RedOps

HTU Cyber Security Club, Offensive Operations Section ( Red Team ) learning pathway

CTFd

CTFs as you need them

Damn-Vulnerable-GraphQL-Application

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.

Direct-Syscalls-A-journey-from-high-to-low

Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).

dufflebag

Search exposed EBS volumes for secrets

exploit-writing-for-oswe

Tips on how to write exploit scripts (faster!)

Fud-Reverse-Shell

Undetected Reverse Shell

gapps

Security compliance platform - SOC2, CMMC, ASVS, ISO27001, HIPAA, NIST CSF, NIST 800-53, CSC CIS 18, PCI DSS, SSF tracking. https://web-gapps.pages.dev

graphql-wordlist

The only graphql wordlists you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.

ImHex

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.

learning-reverse-engineering

This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.

LOLDrivers

Living Off The Land Drivers

Massive-Web-Application-Penetration-Testing-Bug-Bounty-Notes

OffensiveCpp

This repo contains C/C++ snippets that can be handy in specific offensive scenarios.

OSED

Containing my notes, practice binaries + solutions, blog posts, etc. for the Offensive Security Exploit Developer (OSED/EXP-301)

PowerShell-Obfuscation-Bible

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.

PS4_PS5-ESP8266-Server

A WebServer+Wifi Repeater+Fake DNS Server to Host PS4/PS5 Exploits on ESP8266

RedTeamOps-Havoc-101

Materials for the workshop "Red Team Ops: Havoc 101"

RedWizard

saas-attacks

Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown

SecretOpt1c

SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!

secure-code-game

A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.

server-side-prototype-pollution

SSPPG

VAmPI

Vulnerable REST API with OWASP top 10 vulnerabilities for security testing

Windows-Penetration-Testing

Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests

ZeusCloud

Open Source Cloud Security