DAN's repositories
ai-exploits
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
AtlasLdr
Reflective x64 PE/DLL Loader implemented using Dynamic Indirect Syscalls
awesome-mobile-security
An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.
BestEdrOfTheMarket
Little AV/EDR bypassing lab for training & learning purposes
ExtPenPy
ExtPenPy is a tool that will help you finalizing your recon phase faster.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
HTB-certifiedCBBH
# HTB-certified-bug-bounty-hunter-exam-cheetsheet All cheetsheets with main information about CBBH role path in one place.
Invoke-AccessCheck
a simple powershell wrapper to automate checking a user's access around the network
Invoke-ADEnum
Automate Active Directory Enumeration
jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
OffensiveGolang
A collection of offensive Go packages inspired by different Go repositories.
offensivesecurity
Scripts for offensive security
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
Parasite-Invoke
Hide your P/Invoke signatures through other people's signed assemblies
pentesting_stuff
A place to store my various pentesting related code thats too small/niche to justify its own repository, and a simple website with notes on pentesting.
PEzor
Open-Source Shellcode & PE Packer
PlumHound
Bloodhound for Blue and Purple Teams
PowerShell-Obfuscation-Bible
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
PowershellTools
Powershell tools used for Red Team / Pentesting.
PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
RedTeam-Scenarios
A brief list of all the red teaming scenarios that can be easily used to validate your current company infrastructure. Scenarios are company agnostic but technology specific giving you complete autonomy to start off without much modification.
sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
UACME
Defeating Windows User Account Control
Voidgate
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encrypted assembly instructions, thus rendering memory scanners useless for that specific memory page.
Web_Hacking
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
webcopilot
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.