cyb3rm3g,github

a-red-teamer-diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam.

ai-exploits

A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement

attack-surface-framework

Tool to discover external and internal network attack surface

awesome-azure-pentest

A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.

awesome-gpt-agents

A curated list of GPT agents for cybersecurity

awesome-honeypots

an awesome list of honeypot resources

awesome-oneliner-bugbounty

A collection of awesome one-liner scripts especially for bug bounty tips.

awesome-pentest-cheat-sheets

Collection of cheat sheets useful for pentesting

awesome-shodan-queries

🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻

awesome-vulnerable

A curated list of VULNERABLE APPS and SYSTEMS which can be used as PENETRATION TESTING PRACTICE LAB.

bestedrofthemarket

Little AV/EDR bypassing lab for training & learning purposes

bucketloot

BucketLoot is an automated S3-compatible bucket inspector that can help users extract assets, flag secret exposures and even search for custom keywords as well as Regular Expressions from publicly-exposed storage buckets by scanning files that store data in plain-text.

burpsuite-for-pentester

This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".

c2-tracker

Live Feed of C2 servers, tools, and botnets

cartographer

Code Coverage Exploration Plugin for Ghidra

chameleon

19 Customizable honeypots for monitoring network traffic, bots activities and username\password credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres, MySQL, MSSQL, Elastic and ldap)