chiranjibagri Goto Github PK

patoolkit

PA Toolkit is a collection of traffic analysis plugins focused on security

payloads

Git All the Payloads! A collection of web attack payloads.

peniot

PENIOT: Penetration Testing Tool for IoT

poc-in-github

📡 PoC auto collect from GitHub.

powershell

PowerShell for every system!

powershell-protect

Audit and block PowerShell scripts in your Windows environment.

processinjection

This program is designed to demonstrate various process injection techniques

prowler

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls listed here https://d0.awsstatic.com/whitepapers/compliance/AWS_CIS_Foundations_Benchmark.pdf and more than 100 additional checks that help on GDPR, HIPAA and other security requirements.

proxypunch

Finding SSL Blindspots for Red Teams

purplecloud

An Infrastructure as Code (IaC) deployment of a small Active Directory pentest lab in the cloud. The deployment simulates a semi-realistic corporate enterprise Active Directory with a DC and endpoints. Purple team goals include blue team detection capabilities and R&D for detection engineering new approaches.

python

red-team-notes

OSCP guide and Red Team assessment Guide

rengine

reNgine is an automated reconnaissance framework meant for gathering information during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.

resources-for-beginner-bug-bounty-hunters

A list of resources for those interested in getting started in bug bounties

saleor

A modular, high performance, headless e-commerce platform built with Python, GraphQL, Django, and React.

scripts

shad0w

A post exploitation framework designed to operate covertly on heavily monitored environments

sharphose

Asynchronous Password Spraying Tool in C# for Windows Environments

simulator

Kubernetes Security Training Platform - Focussing on security mitigation

skyark

SkyArk helps to discover, assess and secure the most privileged entities in Azure and AWS

sqli-labs

SQLI labs to test error based, Blind boolean based, Time based.

state-of-cloud-security

A collection of 2020 artifacts describing the major pain points, vulnerabilities and concerns with Cloud Security.

stormspotter

Azure Red Team tool for graphing Azure and Azure Active Directory objects

terragoat

TerraGoat is Bridgecrew's "Vulnerable by Design" Terraform repository. TerraGoat is a learning and training project that demonstrates how common configuration errors can find their way into production cloud environments.

tiyunzong-an-exploit-chain-to-remotely-root-modern-android-devices

tls-poison

torbot

Dark Web OSINT Tool

vajra

Vajra is a UI-based tool with multiple techniques for attacking and enumerating in the target's Azure environment. It features an intuitive web-based user interface built with the Python Flask module for a better user experience. The primary focus of this tool is to have different attacking techniques all at one place with web UI interfaces.

web-application-pentest-checklist

This is one of the largest checklist available so far on the Internet.

white-box-pentesting

This lab is created to demonstrate pass-the-hash, blind sql and SSTI vulnerabilities