Security and Pen-Testing
My personal recommendation of resources related to IT security and pen-testing
Posted April 25, 2022 by Adrian Wyssmann
| Url |
Description |
| PayloadsAllTheThings |
A list of useful payloads and bypass for Web Application Security and Pentest/CTF |
| external-protocol-flooding |
Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing |
| Url |
Description |
| Depix |
Recovers passwords from pixelized screenshots |
| RedRabbit |
PowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam. The aim is to highlight just how Powerful PowerShell is and how it can be used against you (Ethically) |
| social-analyzer |
API, CLI & Web App for analyzing & finding a person’s profile across social media \ websites (Detections are updated regularly) |
| cve-search |
cve-search - a tool to perform local searches for known vulnerabilities |
| Infection Monkey |
[Infection Monkey](Infection Monkey - An automated pentest tool ) - An automated pentest tool |
| SocialFish |
Educational Phishing Tool & Information Collector |
| bettercap |
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks |
| mimikatz |
A little tool to play with Windows security, see also here |
Resources ##
| Url |
Description |
| KingOfBugBountyTips |
Share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters. |
| Incident-Playbook |
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly] |
| Hack Code Develop |
An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, …) |
| hacktricks |
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news |