Ricardo Castro's repositories
ars0n-framework
A Modern Framework for Bug Bounty Hunting
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
AutoRecon
AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.
axiom
The dynamic infrastructure framework for everybody! Distribute the workload of many different scanning tools with ease, including nmap, ffuf, masscan, nuclei, meg and many more!
clickjackpocgen
Simple PoC generator for clickjacking vulnerabilities
feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
GAP-Burp-Extension
Burp Extensions
Ghostwriter
The SpecterOps project management and reporting engine
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
homer
A very simple static homepage for your server.
JARVIS
JARVIS, a system to connect LLMs with ML community. Paper: https://arxiv.org/pdf/2303.17580.pdf
kickstart.nvim
A launch point for your personal nvim configuration
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
metasploit-framework
Metasploit Framework
obsidian-osint-templates
These templates are suggestions of how the Obsidian notetaking tool can be used during an OSINT investigation. The example data in those files should allow you to make some connections (see what I did there?) between how you record your data during an investigation and some of what the tool can offer FOR FREE!
OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PrivescCheck
Privilege Escalation Enumeration Script for Windows
Proxmox-Cheatsheet
This is a compilation of notes I've gathered while setting up my own Proxmox server at home.
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
rmm
Recon MindMap (RMM)
Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
secator
secator - the pentester's swiss knife
speedtest-tracker
Speedtest Tracker is a self-hosted internet performance tracking application that runs speedtest checks against Ookla's Speedtest service.
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
windows
Windows in a Docker container.
wpscan
WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via contact@wpscan.com