burnnotice Goto Github PK

aggressor-scripts

Aggregation of Cobalt Strike's aggressor scripts.

aggressor_scripts

A collection of useful scripts for Cobalt Strike

aggressorassessor

Aggressor scripts for phases of a pen test or red team assessment

aggressorscripts

Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources

aggressorscripts-1

Aggressor scripts for use with Cobalt Strike 3.0+

aggressorscripts-2

allthethings

Includes 5 Known Application Whitelisting/ Application Control Bypass Techniques in One File.

applicationwhitelistbypasstechniques

A Catalog of Application Whitelisting Bypass Techniques

aquatone

A Tool for Domain Flyovers

aspx-shellcode-caesar-generator

ASPX Shellcode Ceasar Encrypted Generator is a Python script automating shellcode generation, embedding, encryption, and execution in an ASP.NET webshell for penetration testing. This tool streamlines tasks for OSEP challenges, creating encoded shellcodes using user-provided LHOST and LPORT, and setting up Metasploit handlers.

at-ps

Adversary Tactics - PowerShell Training

automsf

AutoMSF is a Python script designed for fast generation and deployment of multiple types of Meterpreter reverse_https payloads. Created to aid in OSEP challenges and exams, it generates C#, EXE, VBS, and PS1 payloads, prepares obfuscated PowerShell commands for execution, and sets up a Metasploit listener for incoming connections.

avscript

Avast JavaScript Interactive Shell

aws-certified-security-specialty

AWS Certified Security Specialty (2020) course notes

aws-iam-privilege-escalation

A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.

aws-threat-simulation-and-detection

Playing around with Stratus Red Team (Cloud Attack simulation tool) and SumoLogic

azureoutlookc2

Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.

beta

Beta versions of my software

binxorer

This script automates the process of generating, encrypting, and injecting reverse HTTPS shellcode into a C# program. It further compiles the updated code and sets up a Metasploit listener for incoming connections. Designed for cybersecurity research and penetration testing purposes.

bridgecrew-action

This Github Action runs Bridgecrew against an Infrastructure-as-Code repository. Bridgecrew performs static security analysis of Terraform & CloudFormation Infrastructure code.

burp-suite-certified-practitioner-exam-study

Burp Suite Certified Practitioner Exam Study

cheatsheet-god

Penetration Testing / OSCP Biggest Reference Bank / Cheatsheet

checkov

Prevent cloud misconfigurations during build-time for Terraform, Cloudformation, Kubernetes, Serverless framework and other infrastructure-as-code-languages with Checkov by Bridgecrew.

cobaltstrike

CobaltStrike's source code

cobaltstrike-toolkit

Some useful scripts for CobaltStrike

crackmapexec

A swiss army knife for pentesting networks

django-defectdojo

DefectDojo is an open-source application vulnerability correlation and security orchestration tool.

dotfiles

edrsandblast

endgame

An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈