otsar's repositories
kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
Reverse-Engineering
A FREE comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures.
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
aws-sso-cli
A powerful tool for using AWS SSO for the CLI and web console.
TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
awesome-piracy
A curated list of awesome warez and piracy links
awesome-list-of-secrets-in-environment-variables
🦄🔒 Awesome list of secrets in environment variables 🖥️
APTSimulator
A toolset to make a system look as if it was the victim of an APT attack
SourceCodeReview
Source Code Review resources for Bug Bounty Hunters & Developers. This Repo is updated consistently.
DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
o365-attack-toolkit
A toolkit to attack Office365
Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss penetration-testing-poc csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
WeaponizeKali.sh
Automate installation of extra pentest tools on Kali Linux
kubernetes-network-policy-recipes
Example recipes for Kubernetes Network Policies that you can just copy paste
privacy.sexy
Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆
kubernetes-security-checklist
Kubernetes Security Checklist and Requirements - All in One (authentication, authorization, logging, secrets, configuration, network, workloads, dockerfile)
bugbounty-cheatsheet
A list of interesting payloads, tips and tricks for bug bounty hunters.
IntruderPayloads
A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.
Hacking-Security-Ebooks
Top 100 Hacking & Security E-Books (Free Download) - Powered by Yeahhub.com
CVE-in-Ruby
Exploits written & ported to Ruby - no Metasploit
awesome-ruby-security
Awesome Ruby Security resources
blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
awesome-burp-extensions
A curated list of amazingly awesome Burp Extensions