Collection of Cyber Threat Intelligence sources from the deep and dark web

ISO 27001 Toolkit by QZ

Active Directory and Internal Pentest Cheatsheets

Sandbox for automated Linux malware analysis.

bash script for Subdomain Enumeration

Just some lists of Malware Configs

apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.

Automagically reverse-engineer REST APIs via capturing traffic

Social Media OSINT collection containing - tools, techniques & tradecraft.

Watcher - Open Source Cybersecurity Threat Hunting Platform. Developed with Django & React JS.

Scripts to help with different ffuf tasks and workflows

This repository is my documenting repository for learning the world of DevOps. I started this journey on the 1st January 2022 and I plan to run to March 31st for a complete 90-day romp on spending …

🏔 Love Freedom - ❌ Block Mass Surveillance

Automating EDR Testing with reference to MITRE ATTACK via Cobalt Strike [Purple Team].

Detection Ideas & Rules repository.

Building and Embedding Machine Learning Model into a Web App(With Flask,etc)

Because just a dark theme wasn't enough!

Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR

CVE-2021-22986 F5 BIG-IP iControl 命令执行漏洞

All about bug websites (bypasses, payloads, and etc)

Burp extension to detect alias traversal via NGINX misconfiguration at scale.

Directory transversal to remote code execution

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. It will automatically generate a userlist from the domain which excludes accounts t…

Linux post exploitation framework written in bash designed to assist red teams in persistence, reconnaissance, privilege escalation and leaving no trace.

cve-2019-0604 SharePoint RCE exploit

A collection of open source and commercial tools that aid in red team operations.

A Win7 RDP exploit