totoroha Goto Github PK
Type: User
Type: User
Helped during my OSCP lab days.
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
Chrome v8 1Day Exploit by IstvΓ‘n Kurucsai
CIS Hardened Ubuntu Docker Image
Vulnerability Static Analysis for Containers
Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud
This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapshot permission.
Extract stored credentials from Internet Explorer and Edge
A multithreaded tool designed to identify if credentials are valid, invalid, or local admin valid credentials within a network at-scale via SMB, plus now with a user hunter
Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.
Hacking techniques useful during CTFs
CTF write-ups from the VulnHub CTF Team
Cyber Threat Intel PowerShell Script
Apache Tomcat < 9.0.1 (Beta) / < 8.5.23 / < 8.0.47 / < 7.0.8 - JSP Upload Bypass / Remote Code Execution
Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
Exploits written & ported to Ruby - no Metasploit
Machine-based Text Analytics of CyberSecurity Strategies
Correlate data between domains, IPs and email addresses, present it as a graph and store everything into Elasticsearch and JSON files.
Quick PowerShell script to extract any exclusions configured for Windows Defender
Fast directory scanning and scraping tool
Web path scanner
.NET assembly editor, decompiler, and debugger
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
There may be inaccuracies as I'm still learning, mostly based on my interpretation thus far
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Someone tried to push a fake Tor Browser update via XSS injection on Empire Market profiles.
An AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet π
My Linux Environment starter
A declarative, efficient, and flexible JavaScript library for building user interfaces.
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. πππ
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google β€οΈ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.