yeyintminthuhtut

awesome-industrial-control-system-security

A curated list of resources related to Industrial Control System (ICS) security.

awesome-web-hacking

A list of web application security

sandbox-attacksurface-analysis-tools

AllTheThings

Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.

DeviceGuardBypasses

A repository of some of my Windows 10 Device Guard Bypasses

knock

Knock Subdomain Scan

redteam-plan

Issues to consider when planning a red team exercise.

Aggressor-scripts

Aggressor scripts I've made for Cobalt Strike

awesome-flask

A curated list of awesome Flask resources and plugins

Checklists

Pentesting checklists for various engagements

DomainFrontingLists

A list of Domain Frontable Domains by CDN

EmbedInHTML

Embed and hide any file in an HTML file

Invoke-SilentCleanUpBypass

Bypass UAC fileless

Malleable-C2-Profiles

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

MARA_Framework

MARA is a Mobile Application Reverse engineering and Analysis Framework. It is a toolkit that puts together commonly used mobile application reverse engineering and analysis tools to assist in testing mobile applications against the OWASP mobile security threats.

morphHTA

morphHTA - Morphing Cobalt Strike's evil.HTA

nzyme

Nzyme collects 802.11 management frames directly from the air and sends them to a Graylog (Open Source log management) setup for WiFi IDS, monitoring, and incident response. It only needs a JVM and a WiFi adapter that supports monitor mode.

pysploit

Remote exploitation framework written in Python

security-research-pocs

Proof-of-concept codes created as part of security research done by Google Security Team.

Windows-SignedBinary

AggressorScripts

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

demiguise

HTA encryption tool for RedTeams

external_c2

POC for Cobalt Strike external C2

nps_payload

This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (@Spoonman1091) Payload written by Ben Mauch (@Ben0xA) aka dirty_ben

OSCP-Survival-Guide

Kali Linux Offensive Security Certified Professional Survival Exam Guide

RepoSsessed

A project designed to parse public source code repositories and find various types of vulnerabilities.

S2-053-CVE-2017-12611

A simple script for exploit RCE for Struts 2 S2-053(CVE-2017-12611)

SecGen

Create randomly insecure VMs

UniByAv

windows-kernel-exploits

windows-kernel-exploits Windows平台提权漏洞集合