weev3's repositories
SysmonHunter
An easy ATT&CK-based Sysmon hunting tool, showing in Blackhat USA 2019 Arsenal
macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
metta
An information security preparedness tool to do adversarial simulation.
impacket
Impacket is a collection of Python classes for working with network protocols.
BeRoot
Privilege Escalation Project - Windows / Linux / Mac
altdns
Generates permutations, alterations and mutations of subdomains and then resolves them
reternal-quickstart
Repo containing docker-compose files and setup scripts without having to clone the individual reternal components
DeathStar
Automate getting Domain Admin using Empire
smartcontract_sec_roadmap
My personal bookmarks to learn smart contract bugs
bbtoolswithterraform
Install recon tools with terraform in digital ocean droplets
DVIA-v2
Damn Vulnerable iOS App (DVIA) is an iOS application that is damn vulnerable. Its main goal is to provide a platform to mobile security enthusiasts/professionals or students to test their iOS penetration testing skills in a legal environment. This project is developed and maintained by @prateekg147. The vulnerabilities and solutions covered in this app are tested up to iOS 11. The current version is writen in Swift and has the following vulnerabilities.
burpdeveltraining
Material for the training "Developing Burp Suite Extensions – From Manual Testing to Security Automation"
Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
caldera
Automated Adversary Emulation
security-paper
(与本人兴趣强相关的)各种安全or计算机资料收集
attack-arsenal
A collection of red team and adversary emulation resources developed and released by MITRE.
awesome-appsec
A curated list of resources for learning about application security
kubernetes-goat
Kubernetes Goat is "Vulnerable by Design" Kubernetes Cluster.
awesome-vehicle-security
🚗 A curated list of resources for learning about vehicle security and car hacking.
hacker-container
Container with all the list of useful tools/commands while hacking Kubernetes Clusters
oss-fuzz
OSS-Fuzz - continuous fuzzing of open source software.
EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
linux-exploitation-course
A Course on Intermediate Level Linux Exploitation
nullCommunity
Hands-on content for Humla/Puliya sessions at null community
WindowsInternals
Windows Internals Book 7th edition Tools
commonspeak
Content discovery wordlists generated using BigQuery