Sandro Melo's repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
awesome-docker-security
π A curated list of awesome Docker security resources
awesome-shodan-queries
π A collection of interesting, funny, and depressing search queries to plug into shodan.io π©βπ»
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
Blue-Team-Notes
You didn't think I'd go and leave the blue team out, right?
como_criar_uma_api_devaprender
Exemplo de como criar uma API com python
Credential-Dumping
This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the same tasks
curso-python-selenium
RepositΓ³rio de curso de selenium usando python
cybersecurity-infosec
An ongoing collection infosec courses, learning tutorials, libaries, and training resources.
digital-forensics-lab
Free hands-on digital forensics labs for students and faculty
DumpSMBShare
A script to dump files and folders remotely from a Windows SMB share.
Live-Forensicator
Powershell Script to aid Incidence Response and Live Forensics
Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
Nim-Shell
A simple reverse shell program for Windows clients
NTLMRecon
Enumerate information from NTLM authentication enabled web endpoints π
Nuclei-Template-CVE-2022-1388-BIG-IP-iControl-REST-Exposed
This vulnerability may allow an unauthenticated attacker with network access to the BIG-IP system through the management port and/or self IP addresses to execute arbitrary system commands, create or delete files, or disable services. There is no data plane exposure; this is a control plane issue only.
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
Practical-Ethical-Hacking-Resources
Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course
PWF
Practical Windows Forensics Training
pylirt
Pylirt - Python Linux Incident Response Toolkit
shennina
Automating Host Exploitation with AI
ThreatTrack
ThreatTrack | Shodan + ExploitDB + NVD
Villain
Villain is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team.
Windows-WiFi-Extractor
Extract Windows Wi-Fi Passwords to Remote URL