Security and Pen-Testing
My personal recommendation of resources related to IT security and pen-testing
Posted October 15, 2021 by Adrian Wyssmann
Url
Description
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
external-protocol-flooding
Scheme flooding vulnerability: how it works and why it is a threat to anonymous browsing
Url
Description
Depix
Recovers passwords from pixelized screenshots
RedRabbit
PowerShell script aimed at helping pentesters conduct ethical hacking #RedTeam. The aim is to highlight just how Powerful PowerShell is and how it can be used against you (Ethically)
social-analyzer
API, CLI & Web App for analyzing & finding a person’s profile across social media \ websites (Detections are updated regularly)
cve-search
cve-search - a tool to perform local searches for known vulnerabilities
Infection Monkey
[Infection Monkey](Infection Monkey - An automated pentest tool ) - An automated pentest tool
SocialFish
Educational Phishing Tool & Information Collector
bettercap
The Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks
mimikatz
A little tool to play with Windows security, see also here
Resources#
Url
Description
KingOfBugBountyTips
Share tips from some well-known bughunters. Using recon methodology, we are able to find subdomains, apis, and tokens that are already exploitable, so we can report them. We wish to influence Onelinetips and explain the commands, for the better understanding of new hunters.
Incident-Playbook
GOAL: Incident Response Playbooks Mapped to MITRE Attack Tactics and Techniques. [Contributors Friendly]
Hack Code Develop
An awesome collection of curated Cyber Security resources(Books, Tutorials, Blogs, Podcasts, …)
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news
Edit this page