Samuel Riesz's repositories
Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
aws-inventory
Discover resources created in an AWS account.
awspx
A graph-based tool for visualizing effective access and resource relationships in AWS environments.
bloodyAD
BloodyAD is an Active Directory Privilege Escalation Framework
cloudtracker
CloudTracker helps you find over-privileged IAM users and roles by comparing CloudTrail logs with current IAM policies.
CVE-mitre
https://cve.mitre.org/
emp3r0r
linux post-exploitation framework made by linux user
LadonGo
Ladon Pentest Scanner framework LadonGo一款开源内网渗透扫描器框架,使用它可轻松一键批量探测C段、B段、A段存活主机、高危漏洞检测MS17010、SmbGhost,远程执行SSH/Winrm,密码爆破SMB/SSH/FTP/Mysql/Mssql/Oracle/Winrm/HttpBasic/Redis,端口扫描服务识别PortScan指纹识别/HttpBanner/HttpTitle/TcpBanner/Weblogic/Oxid多网卡主机,端口扫描服务识别PortScan。
MLOPs-Primer
A collection of resources to learn about MLOPs.
my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
nuclei
Fast and customizable vulnerability scanner based on simple YAML based DSL.
NucleiFuzzer
NucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications
operator-support
Operator: an autonomous red team command-and-control platform to make security testing more accessible.
OSEP-Code-Snippets
A repository with my notable code snippets for Offensive Security's PEN-300 (OSEP) course.
PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
pdq_deploy_packs
PDQ Packs
PMapper
A tool for quickly evaluating IAM permissions in AWS.
PowerPing
Advanced command-line ping tool
prowler
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.
SAP_EEM_CVE-2020-6207
PoC for CVE-2020-6207 (Missing Authentication Check in SAP Solution Manager)
SharpSphere
.NET Project for Attacking vCenter
SharpWebServer
Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality
SkyArk
SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS
SkyWrapper
SkyWrapper helps to discover suspicious creation forms and uses of temporary tokens in AWS
ssh-mitm
ssh mitm server for security audits supporting public key authentication, session hijacking and file manipulation
SUDO_KILLER
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
Svetovid
A bunch of post exploitation tools + reverse proxy server
VECTR
VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios