vishnudxb

automated-pentest

Minimal docker container of Parrot OS for running an automated scan & pentest report.

docker-redis-cluster

A small docker container for redis cluster

redis-cluster

Github action for running a redis cluster for your workflow

docker-evilginx2

Docker container for running Evilginx2

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Apache-OFBiz-Authentication-Bypass

This repo is a PoC with to exploit CVE-2023-51467 and CVE-2023-49070 preauth RCE vulnerabilities found in Apache OFBiz.

awesome-mobile-security

An effort to build a single place for all useful android and iOS security related stuff. All references and tools belong to their respective owners. I'm just maintaining it.

breach-parse

A tool for parsing breached passwords

catspin

Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.

CRTP-Notes

Study materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing

CVE-2022-46169-CACTI-1.2.22

This is a exploit of CVE-2022-46169 to cacti 1.2.22. This exploit allows through an RCE to obtain a reverse shell on your computer.

Databricks-Certified-Data-Engineer-Associate

The resources of the preparation course for Databricks Data Engineer Associate certification exam

Exploit-for-Searchor-2.4.0-Arbitrary-CMD-Injection

Reverse Shell Exploit for Searchor <= 2.4.2 (2.4.0)

git-dumper

A tool to dump a git repository from a website

GOAD

game of active directory

iOS-pentest

Most usable tools for iOS penetration testing

kafdrop

Kafka Web UI

linikatz

linikatz is a tool to attack AD on UNIX

MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services

microservices-demo

Sample cloud-first application with 10 microservices showcasing Kubernetes, Istio, and gRPC.

mimipenguin

A tool to dump the login password from the current linux user

MobileApp-Pentest-Cheatsheet

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

oscp-security-notes

Markdown repo for notes on all things redteaming

oscp2024

My curated list of resources for OSCP preperation

p0wny-shell

Single-file PHP shell

Portswigger_labs

This repository contains my writeups for the labs in PortSwigger's Web Security Academy platform. Each lab writeup includes the lab's name, description, and my step-by-step solution, as well as any additional notes or observations.

tutorials

username-anarchy

Username tools for penetration testing

vishnudxb