Stars
Collection of Notes and CheatSheets used for Red teaming Certs
backdoor-apk is a shell script that simplifies the process of adding a backdoor to any Android APK file. Users of this shell script should have working knowledge of Linux, Bash, Metasploit, Apktool…
Abusing Reddit API to host the C2 traffic, since most of the blue-team members use Reddit, it might be a great way to make the traffic look legit.
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
A reliable exploit + write-up to elevate privileges to root. (Tested on Ubuntu 22.04)
Some notes and examples for cobalt strike's functionality
This tool provides commandline access for https://www.hackthebox.eu, https://tryhackme.com/ and https://www.vulnhub.com/ machines.
🐶 A curated list of Web Security materials and resources.
Nuclei Templates Collection
A collection of code snippets built to assist with breaking chains.
Opsec considerations for each AWS GuardDuty finding type.
A collection of various awesome lists for hackers, pentesters and security researchers
The ultimate WinRM shell for hacking/pentesting
POC to replicate the full 'Follina' Office RCE vulnerability for testing purposes
Slides and Code for the BHUSA 2019 talk: Flying a False Flag
Takeover AWS ips and have a working POC for Subdomain Takeover.
Resources for Windows exploit development
exploits.shodan.io's unofficial api no api-key needed
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.