mysecus

Nate Schmitt's starred repositories

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Language:PHPMIT55999 1907 266

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

Language:CAGPL-3.023066 653 556

How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.

CC-BY-SA-4.017117 326 71

GHunt

🕵️‍♂️ Offensive Google framework.

Language:PythonNOASSERTION15337 512 388

theZoo

A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Language:PythonNOASSERTION11003 814 155

GTFOBins.github.io

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Language:HTMLGPL-3.010440 142 47

awesome-honeypots

an awesome list of honeypot resources

Language:PythonArtistic-2.08324 381 19

LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Language:XSLTGPL-3.06784 228 94

tpotce

🍯 T-Pot - The All In One Multi Honeypot Platform 🐝

Language:CGPL-3.06415 194 978

flare-vm

A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

Language:PowerShellApache-2.06211 202 501

dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

Language:PythonApache-2.04770 154 120

awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

4201 167 7

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

Language:PowerShellBSD-3-Clause3263 81 44

awesome-vim-colorschemes

Collection of awesome color schemes for Neo/vim, merged for quick use.

Language:Vim Script2693 43 23

AttackSurfaceAnalyzer

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.

Language:C#MIT2676 69 330

iceberg.vim

:antarctica: Bluish color scheme for Vim and Neovim

Language:Vim ScriptMIT2180 25 71

Pentest-Tools

2107 91 3

BadBlood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

Language:PowerShellGPL-3.01969 49 7

malware-samples

A collection of malware samples caught by several honeypots i manage

1575 102 10

poc

Proof of Concepts

Language:PythonBSD-3-Clause1201 1140

ADAPE-Script

Active Directory Assessment and Privilege Escalation Script

Language:PowerShell1088 54 3

adsec

An introduction to Active Directory security

Language:PowerShellBSD-3-Clause633 24 3

AzViz

⚡ ☁ Azure Visualizer aka 'AzViz' : A #powershell module to automatically generate Azure resource topology diagrams by just typing a PowerShell cmdlet and passing the name of one or more Azure Resource groups

Language:PowerShellMIT581 42 82

physical-docs

This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselves when conducting physical security assessments.

Unlicense469 27 1

arch-audit

A utility like pkg-audit for Arch Linux. Based on Arch Security Team data.

Language:RustMIT330 210

SecCon-Framework

Security configuration is complex. With thousands of group policies available in Windows, choosing the “best” setting is difficult. It’s not always obvious which permutations of policies are required to implement a complete scenario, and there are often unintended consequences of some security lockdowns. The SECCON Baselines divide configuration into Productivity Devices and Privileged Access Workstations. This document will focus on Productivity Devices (SECCON 5, 4, and 3). Microsoft’s current guidance on Privileged Access Workstations can be found at http://aka.ms/cyberpaw and as part of the Securing Privileged Access roadmap found at http://aka.ms/privsec.

CC-BY-4.0277 38 7