Lists (1)
Starred repositories
36
stars
written in HTML
Clear filter
A list of public penetration test reports published by several consulting firms and academic security groups.
Automagically reverse-engineer REST APIs via capturing traffic
Compilation of public failure/horror stories related to Kubernetes
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
Automate the creation of a lab environment complete with security tooling and logging best practices
Active Directory and Internal Pentest Cheatsheets
Tools, tips, tricks, and more for exploring ICS Security.
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything that modify attributes. This all includes tools to work with anything in gener…
A Nmap XSL implementation with Bootstrap.
Open-source pentesting management and automation platform by Salesforce Product Security
A library of pretexts to use on offensive phishing engagements.
Neet - Network Enumeration and Exploitation Tool
Code repository for Mastering Modern Web Penetration Testing, published by Packt
Web based code browser using clang to provide basic code analysis.