Waqas Ali's starred repositories
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
ThreatHunter-Playbook
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
domain_analyzer
Analyze the security of any domain by finding all the information possible. Made in python.
security-txt
A proposed standard that allows websites to define security policies.
metasploit-payloads
Unified repository for different Metasploit Framework payloads
windows-event-forwarding
A repository for using windows event forwarding for incident detection and response
icebreaker
Gets plaintext Active Directory credentials if you're on the internal network but outside the AD environment
CACTUSTORCH
CACTUSTORCH: Payload Generation for Adversary Simulations
CheckPlease
Sandbox evasion modules written in PowerShell, Python, Go, Ruby, C, C#, Perl, and Rust.
tactical-exploitation
Modern tactical exploitation toolkit.
CVE-2017-0199
Exploit toolkit CVE-2017-0199 - v4.0 is a handy python script which provides pentesters and security researchers a quick and effective way to test Microsoft Office RCE. It could generate a malicious RTF/PPSX file and deliver metasploit / meterpreter / other payload to victim without any complex configuration.
java-deserialization-exploits
A collection of curated Java Deserialization Exploits
RemoteRecon
Remote Recon and Collection
dataplaneapi
HAProxy Data Plane API
Hephaestus
Open Source Office Malware Generation & Polymorphic Engine for Red Teams and QA testing
WDACPolicies
A collection of Windows software baseline notes with corresponding Windows Defender Application Control (WDAC) policies