zpaav's repositories
algorithms
Minimal examples of data structures and algorithms in Python
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
Burp-Suite-Certified-Practitioner-Exam-Study
Burp Suite Certified Practitioner Exam Study
Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I have developed over years for Red Teaming/Pentesting/IT Security audits purposes. Most of them came handy on at least one of my real-world engagements.
C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
CrackMapExec
A swiss army knife for pentesting networks
DeimosC2
DeimosC2 is a Golang command and control framework for post-exploitation.
devops-exercises
Linux, Jenkins, AWS, SRE, Prometheus, Docker, Python, Ansible, Git, Kubernetes, Terraform, OpenStack, SQL, NoSQL, Azure, GCP, DNS, Elastic, Network, Virtualization. DevOps Interview Questions
disctopia-c2
Windows Remote Administration Tool that uses Discord as C2
EDD
Enumerate Domain Data
Exegol
Fully featured and community-driven hacking environment
javascript-algorithms
📝 Algorithms and data structures implemented in JavaScript with explanations and links to further readings
MicroBurst
A collection of scripts for assessing Microsoft Azure security
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
Periscope
Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)
PoshC2
A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
PySQLRecon
Offensive MSSQL toolkit written in Python, based off SQLRecon
Python
All Algorithms implemented in Python
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
up-http-tool
Simple HTTP listener for security testing
Various-Code
Various PowerShell code that I upload here - do with it what you want
WinPwn
Automation for internal Windows Penetrationtest / AD-Security