otsar's repositories
arttoolkit.github.io
A RedTeam Toolkit
BurpSuiteCertifiedPractitioner
Ultimate Burp Suite Exam and PortSwigger Labs Guide.
clairvoyance
Obtain GraphQL API schema even if the introspection is disabled
CSC-RedOps
HTU Cyber Security Club, Offensive Operations Section ( Red Team ) learning pathway
Damn-Vulnerable-GraphQL-Application
Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Direct-Syscalls-A-journey-from-high-to-low
Start with shellcode execution using Windows APIs (high level), move on to native APIs (medium level) and finally to direct syscalls (low level).
exploit-writing-for-oswe
Tips on how to write exploit scripts (faster!)
Fud-Reverse-Shell
Undetected Reverse Shell
graphql-wordlist
The only graphql wordlists you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.
learning-reverse-engineering
This repository contains sample programs written primarily in C and C++ for learning native code reverse engineering.
LOLDrivers
Living Off The Land Drivers
OffensiveCpp
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
PS4_PS5-ESP8266-Server
A WebServer+Wifi Repeater+Fake DNS Server to Host PS4/PS5 Exploits on ESP8266
RedTeamOps-Havoc-101
Materials for the workshop "Red Team Ops: Havoc 101"
saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
SecretOpt1c
SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!
secure-code-game
A GitHub Security Lab initiative, providing an in-repo learning experience, where learners secure intentionally vulnerable code.
Windows-Penetration-Testing
Technical notes, AD pentest methodology, list of tools, scripts and Windows commands that I find useful during internal penetration tests