This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them

A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors

GhostNet

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

A tool designed to make physical devices detectable by malware and make system look like virtual machine.

Tool for using wireless signals to see if you're being followed.

LeakLooker GUI - Discover, browse and monitor database/source code leaks

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

Weaponizing for privileged file writes bugs with windows problem reporting

RunasCs - Csharp and open version of windows builtin runas.exe

WhiteWinterWolf's PHP web shell

A list of dorks for the Netlas.io search engine, with which you can find millions of objects in the boundless IoE. Contains queries to search for IoT elements, protocols, communication tools, remot…

A memory-based evasion technique which makes shellcode invisible from process start to end.

An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

Pillage web accessible GIT, HG and BZR repositories

🕷️ A `.git` folder exploiting tool that is able to restore the entire Git repository, including stash, common branches and common tags.

Never ever ever use pixelation as a redaction technique

Extract URLs, paths, secrets, and other interesting bits from JavaScript

Find domains and subdomains related to a given domain

Fetch all the URLs that the Wayback Machine knows about for a domain

Make JSON greppable!

A comprehensive guide for web application penetration testing and bug bounty hunting, covering methodologies, tools, and resources for identifying and exploiting vulnerabilities.

These are the labs for my Intro class. Yes, this is public. Yes, this is intentional.

High Octane Triage Analysis

An ncurses-based Tox client

The future of online communications.

apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.

CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF, with this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting infor…