stivenhacker Goto Github PK

cheatsheet-god

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

cheatsheetseries

The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

checklists

Red Teaming & Pentesting checklists for various engagements

cloud-devsecops-learning

Collection of Cloud and DevSecOps learning resources

cloud-security-attacks

Azure and AWS Attacks

cloud_enum

Multi-cloud OSINT tool. Enumerate public resources in AWS, Azure, and Google Cloud.

cloudbrute

Awesome cloud enumerator

cloudfox

Automating situational awareness for cloud penetration tests.

cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

crto

Certified Red Team Operator

ecxd-preparation

eLearnSecurity Certified Exploit Development

ejpt

Some knowledge learnt during the eJPT studying.

empire

Empire is a PowerShell and Python post-exploitation agent.

evil-winrm

The ultimate WinRM shell for hacking/pentesting

fsociety

fsociety Hacking Tools Pack – A Penetration Testing Framework

galaxy-bugbounty-checklist

Tips and Tutorials for Bug Bounty and also Penetration Tests.

goad

game of active directory

guide-ceh-practical-master

hacking-resources

Hacking resources and cheat sheets. References, tools, scripts, tutorials, and other resources that help offensive and defensive security professionals.

havoc

The Havoc Framework C2C

howtohunt

Collection of methodology and test case for various web vulnerabilities.

information-security-relatory

Reports from various areas of information security

intruderpayloads

A collection of Burpsuite Intruder payloads, BurpBounty payloads, fuzz lists, malicious file uploads and web pentesting methodologies and checklists.

invoke-edrchecker

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services, the registry and running drivers for the presence of known defensive products such as AV's, EDR's and logging tools.

isf

ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

macro_pack

macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.

mind-maps

Mind-Maps of Several Things

mortar

evasion technique to defeat and divert detection and prevention of security products (AV/EDR/XDR)

msdt-follina

Codebase to generate an msdt-follina payload

nimblackout

Kill AV/EDR leveraging BYOVD attack