A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Collection of Windows Hacking Binaries

Various *nix tools built as statically-linked binaries

Collection of things made during my OSCP journey

Empire is a PowerShell and Python post-exploitation agent.

Loki - Simple IOC and YARA Scanner

A curated list of awesome infosec courses and training resources.

Linux enumeration tool for pentesting and CTFs with verbosity levels

WPScan WordPress security scanner. Written for security professionals and blog maintainers to test the security of their WordPress websites. Contact us via [email protected]

The ultimate WinRM shell for hacking/pentesting

pwning IPv4 via IPv6

PowerSploit - A PowerShell Post-Exploitation Framework

Windows Exploit Suggester - Next Generation

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

PowerTools is a collection of PowerShell projects with a focus on offensive operations.

SharpUp is a C# port of various PowerUp functionality.

A deep look at some recon methodologies and web-application vulnerabilities of my interest where I will merge all my notes gathered from books, videos, articles and own experience with bug bounty h…

Windows / Linux Local Privilege Escalation Workshop

This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with the AWAE course. This repo will likely contain custom code by…

Fast and customizable vulnerability scanner based on simple YAML based DSL.

Awesome XSS stuff

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

OWASP API Security Project

📝 Markdown code for lots of small badges 🎀 📌 (shields.io, forthebadge.com etc) 😎. Contributions are welcome! Please add yours!

World's fastest and most advanced password recovery utility

OWASP based Web Application Security Testing Checklist is an Excel based checklist which helps you to track the status of completed and pending test cases.

OWASP Foundation Web Respository

Web recon script. No need to fear, sumrecon is here!

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Take a list of domains and probe for working HTTP and HTTPS servers