lanceae Goto Github PK

a-red-teamer-diaries

RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

ansible-collection-hardening

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

anti-virus-evading-payloads

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!

arsenal

Arsenal is just a quick inventory and launcher for hacking programs

awesome-bugbounty-tools

A curated list of various bug bounty tools

awesome-honeypots

an awesome list of honeypot resources

awesome-redteam-cheatsheet

Active Directory & Red-Team Cheat-Sheet in constant expansion.

awesome-security-collection

1000+ Github Security Resource Collection Repos.

awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

awesome-shell-1

A curated list of awesome Shell frameworks, libraries and software.

awesome-web3-security

A curated list of resources for learning web3 hacking/Security

beginner-network-pentesting

Notes for Beginner Network Pentesting Course

botpeass

Use this bot to monitor new CVEs containing defined keywords and send alerts to Slack and/or Telegram.

breach-parse

A tool for parsing breached passwords

chisel

A fast TCP tunnel over HTTP

com-hunter

COM Hijacking VOODOO

configtemplates

Collection of configuration files that can be used as good starting points to secure different services and tools

crlfsuite

The most powerful CRLF injection (HTTP Response Splitting) scanner.

cybersecurity

Cybersecurity stuff for both the blue team and the red team, mostly red though.

defaultcreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

dfscoerce

dshp

damn simple honey pot

evtx-attack-samples

Windows Events Attack Samples

external-pentest-checklist

follinascanner

A tool written in Go that scans files & directories for the Follina exploit (CVE-2022-30190)

go-windapsearch

Utility to enumerate users, groups and computers from a Windows domain through LDAP queries

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

hardening

Repository of Hardening Guides

hashcat-rule

Rule for hashcat or john. Aiming to crack how people generate their password