reza.duty's repositories
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
LDAPmonitor
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration!
awesome-api-security
A collection of awesome API Security tools and resources.
awesome-vulnerable
A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.
BBTz
BBT - Bug Bounty Tools
Better-Portfolio-Website-Builder
A portfolio website template that was built targeting developers or business professionals who want to display their work in a clean and visually appealing way. It requires only one json file to setup, provides a perfect score on Google lighthouse audit, SEO friendly, optimized for mobile, easily plugs in to Google Analytics, theming capabilities.
Cobalt-Strike-CheatSheet
Some notes and examples for cobalt strike's functionality
ControlCompass.github.io
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
Cronos-Rootkit
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
cryptpad
Collaboration suite, end-to-end encrypted and open-source.
dustilock
DustiLock is a tool to find which of your dependencies is susceptible to a Dependency Confusion attack.
erxes
Free and open fair-code licensed all-in-one growth marketing & management software
etcher
Flash OS images to SD cards & USB drives, safely and easily.
Goby
Attack surface mapping
hakrevdns
Small, fast tool for performing reverse DNS lookups en masse.
joern
Open-source code analysis platform for C/C++/Java/Binary/Javascript based on code property graphs
netspy
netspy是一款快速探测内网可达网段工具
One-Lin3r
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
phpggc
PHPGGC is a library of PHP unserialize() payloads along with a tool to generate them, from command line or programmatically.
semgrep-rules
Semgrep rules registry
SharpGhosting
Process Ghosting in C#
SuperLibrary
Information Security Library
superset
Apache Superset is a Data Visualization and Data Exploration Platform
threat-tools
Tools for simulating threats
WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
WitnessMe
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.