skybersec Goto Github PK

antiflood

Anti-Flood: DoS, DDoS, Brute Force, SYN/UDP Flood

applocker-guidance

Configuration guidance for implementing application whitelisting with AppLocker. #nsacyber

apt-hunter

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity

art-of-hacking-study

This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

atomic-threat-coverage

Actionable analytics designed to combat threats

awesome-incident-response

A curated list of tools for incident response

awesome-threat-detection

A curated list of awesome threat detection and hunting resources

badblood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

bugbountybooks

A collection of PDF/books about the modern web application security and bug bounty.

caldera

Automated Adversary Emulation Platform

cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

cowitness

CoWitness is a powerful web application testing tool that enhances the accuracy and efficiency of your testing efforts. It allows you to mimic an HTTP server and a DNS server, providing complete responses and valuable insights during your testing process.

creddump7

cyberscripts

Random collection of scripts i've created or saved

didierstevenssuite

Please no pull requests for this repository. Thanks!

dnstwist

Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation

domainpasswordspray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

empire

Empire is a PowerShell and Python 3.x post-exploitation framework.

esp32-sour-apple

Uses a Exploit found by @Willy-JL and @ECTO-1A to crash IOS17 devices over bluetooth.

events-ripper

Project based on RegRipper, to extract add'l value/pivot points from TLN events file

evil-winrm

The ultimate WinRM shell for hacking/pentesting

eyewitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

filebuster

An extremely fast and flexible web fuzzer

findfrontabledomains

Search for potential frontable domains

flare-vm

flippernested

Recover Mifare Classic keys on Flipper Zero

god-mode-rules

God Mode Detection Rules

gourlex

Gourlex is a simple tool that can be used to extract URLs and paths from web pages.

havoc

The Havoc Framework.