boh Goto Github PK

31-days-of-api-security-tips

This challenge is Inon Shkedy's 31 days API Security Tips.

35c3ctf

35C3 Junior CTF pwnables

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

ad-security-workshop

Resources for our Active Directory security workshops

adape-script

Active Directory Assessment and Privilege Escalation Script

advanced-sql-injection-cheatsheet

A cheat sheet that contains advanced queries for SQL Injection of all types.

adversarial-threat-modelling

Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"

afl-training

Exercises to learn how to fuzz with American Fuzzy Lop

aggressor-scripts

Aggressor scripts for Cobalt Strike

allinfosecnews_sources

A list of online news & info sources in the InfoSec/Cybersecurity space

amsiscanbufferbypass

ansible-mitre

ansible-role-nginx-docker

application-security-engineer-interview-questions

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

at-ps

Adversary Tactics - PowerShell Training

automatego

Implementation on Go projects book "Automate the Boring Stuff with Python: Practical Programming for Total Beginners"

awesome-azure-pentest

A collection of resources, tools and more for penetration testing and securing Microsofts cloud platform Azure.

awesome-hacker-note-taking

Awesome note-taking apps for hackers & pentesters !

awesome-nmap-grep

Awesome Nmap Grep

awesome-rat

RAT resources. 100+ open source RAT, 500+ RAT analysis blog/video.

aws-cli-commands

Collection of AWS CLI commands for several AWS services.

az-500-azure-security

badblood

BadBlood by Secframe fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

bat-armor

Encode powershell payload into bat files

beautiful-jekyll

:sparkles: Build a beautiful and simple website in literally minutes. Demo at http://deanattali.com/beautiful-jekyll

best-readme-template

An awesome README template to jumpstart your projects!

bh_aws

Materials for AWS Training

blackhat-python3

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate issues of dependency resolution involving deprecated modules.

blackhoodie-2018-workshop

Slides and challenges for my binary exploitation workshop at BlackHoodie 2018.

blue-team-notes

You didn't think I'd go and leave the blue team out, right?