saleem144 Goto Github PK

angrypuppy

Bloodhound Attack Path Automation in CobaltStrike

api-security-checklist

Checklist of the most important security countermeasures when designing, testing, and releasing your API

application-security-engineer-interview-questions

Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer

appsecessentials

aptnotes

Various public documents, whitepapers and articles about APT campaigns

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

awesome-devsecops

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

awesome-fuzzing

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.

awesome-hacking

A collection of various awesome lists for hackers, pentesters and security researchers

awesome-infosec

A curated list of awesome infosec courses and training resources.

awesome-red-teaming

List of Awesome Red Teaming Resources

awesome-threat-modelling

A curated list of threat modeling resources (Books, courses - free and paid, videos, tools, tutorials and workshops to practice on ) for learning Threat modeling and initial phases of security review.

awesome-web-security

🐶 A curated list of Web Security materials and resources.

bad-pdf

Steal NTLM Hashes with Bad-PDF

bug-bounty-reference

Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature

cortex

Cortex: a Powerful Observable Analysis and Active Response Engine

crypton

Library consisting of explanation and implementation of all the existing attacks on various Encryption Systems, Digital Signatures, Hashing Algorithms along with example challenges from CTFs

data-import

misp-training

MISP trainings, threat intel and information sharing training materials with source code

mobileapp-pentest-cheatsheet

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.

my-ctf-web-challenges

Collection of CTF Web challenges I made

oscp

owasp-mstg

The Mobile Security Testing Guide (MSTG) is a comprehensive manual for mobile app security testing and reverse engineering.

patoolkit

PA Toolkit is a collection of traffic analysis plugins focused on security

penetration-testing

List of awesome penetration testing resources, tools and other shiny things

pentest-wiki

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

pentest_compilation

Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

privesc

A collection of Windows, Linux and MySQL privilege escalation scripts and exploits.

pythonpentest

A repository for large scripts from my book.

red-teaming-toolkit

A collection of open source and commercial tools that aid in red team operations.