mcLays's starred repositories
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
h4cker
This repository is primarily maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), artificial intelligence security, vulnerability research, exploit development, reverse engineering, and more.
personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
nginx-admins-handbook
How to improve NGINX performance, security, and other important things.
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
malwoverview
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
command-injection-payload-list
🎯 Command Injection Payload List
Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
lpeworkshop
Windows / Linux Local Privilege Escalation Workshop
Azure-Red-Team
Azure Security Resources and Notes
databunker
Secure SDK/vault for personal records/PII built to comply with GDPR
BigBountyRecon
BigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Misconfiguration-Manager
Misconfiguration Manager is a central knowledge base for all known Microsoft Configuration Manager tradecraft and associated defensive and hardening guidance.
SniperPhish
SniperPhish - The Web-Email Spear Phishing Toolkit
command-line-quick-reference
quick reference on command line tools and techniques for the people with limited time
russia-ukraine_IOCs
Russia / Ukraine 2022 conflict related IOCs from CERT Orange Cyberdefense Threat Intelligence Datalake
vocably-pro
A language learning app for those who don't like language learning apps