mrjanab Goto Github PK

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

ad-attack-defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

androidmobilepentest101

Pentesting Android Application Course For Kids+ (English and Vietnamese edition)

arno

An automation tool to install the most popular tools for bug bounty or pentesting.

awesome-bugbounty-writeups

A curated list of bugbounty writeups (Bug type wise) , inspired from https://github.com/ngalongc/bug-bounty-reference

bandit

Bandit is a tool designed to find common security issues in Python code.

cheatsheet-god

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

checkurl

Checkurl shows the http/https status code

comptia

Resources for CompTIA Exams

fast-google-dorks-scan

The OSINT project, the main idea of which is to collect all the possible Google dorks search combinations and to find the information about the specific web-site: common admin panels, the widespread file types and path traversal. The 100% automated.

fluxion

Fluxion is a remake of linset by vk496 with enhanced functionality.

free-lunch

A curated list of free Windows software, online services and resources.

getting-into-infosec-and-cybersecurity

A shorter, less intimidating list of infosec resources helpful for anyone trying to learn.

hacktricks

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

ilspy

.NET Decompiler with support for PDB generation, ReadyToRun, Metadata (&more) - cross-platform!

infosec_reference

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

ios-penetration-testing-cheat-sheet

Work in progress...

jaws

JAWS - Just Another Windows (Enum) Script

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

kingofbugbountytips

Our main goal is to share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters..

lazyrecon

This script is intended to automate your reconnaissance process in an organized fashion

linux-smart-enumeration

Linux enumeration tool for pentesting and CTFs with verbosity levels

lux

👾 Fast and simple video download library and CLI tool written in Go

masscan

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

mimikatz

A little tool to play with Windows security

mrjanab

nishang

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

onelistforall

Rockyou for web fuzzing

oscp-note

list of useful commands, shells and notes related to OSCP

oscp_bible

This is a collection of resources, scripts, bookmarks, writeups, notes, cheatsheets that will help you in OSCP Preparation as well as for general pentesting and learning. If you feel like you can contribute in it. Please do that, I'll appreciate you.