OWASP / owasp-cstg

Related projects ⓘ

Alternatives and complementary repositories for owasp-cstg

• ajinabraham / aws_security_tools
  Scripts and tools for AWS Pentest
  ☆51Updated 4 years ago
• sailay1996 / offsec_WE
  learning case to prepare OSWE
  ☆38Updated 5 years ago
• TarlogicSecurity / Arecibo
  Endpoint for Out-of-Band Exfiltration (DNS & HTTP)
  ☆90Updated 6 years ago
• awsmhacks / AttackingAD
  This repo will contain slides and information from the Attacking Active Directory Hacking Series talks presented at SecKC.
  ☆32Updated 4 months ago
• Static-Flow / DirectoryImporter
  This is a Burpsuite plugin built to enable you to import your directory bruteforcing results into burp for easy viewing later. This is an…
  ☆36Updated last year
• chryzsh / JenkinsPasswordSpray
  A tool to password spray Jenkins instances
  ☆52Updated 5 years ago
• pownjs / leaks
  Extensive code infrastructure for finding unintended information leaks in files, git repositories and much more.
  ☆28Updated 2 years ago
• nccgroup / clickjacking-poc
  Clickjacking PoC Generator
  ☆35Updated 4 years ago
• hexrom / Oracle-Pentesting-Reference
  Oracle Database Penetration Testing Reference (10g/11g)
  ☆35Updated 6 years ago
• b3n-j4m1n / Red-Terroir
  Terraform resources for building HTTP, DNS, phishing, and mail server red team infrastructure
  ☆93Updated 5 years ago
• ticarpi / my-pentesting-repo
  This is a set of tips and reminders for pentesting processes and scripts/programs. Initially for personal use, but if anyone else finds t…
  ☆52Updated 4 years ago
• VDA-Labs / websocket-harness
  Use normal web pentest tools to hack Websockets
  ☆18Updated 5 years ago
• AonCyberLabs / BurpSuite-Team-Extension
  This Burpsuite plugin allows for multiple web app testers to share their proxy history with each other in real time. Requests that comes …
  ☆21Updated 4 years ago
• hoodoer / WP-XSS-Admin-Funcs
  JavaScript functions intended to be used as an XSS payload against a WordPress admin account.
  ☆52Updated 4 years ago
• Leoid / AWSBurpCollaborator
  Deploy a Private Burpsuite Collaborator using boto3 Python Library
  ☆57Updated 4 years ago
• ministryofjustice / serpico-templates
  Report and finding templates used by the Serpico reporting tool
  ☆16Updated 6 years ago
• Static-Flow / CloudCopy
  This tool implements a cloud version of the Shadow Copy attack against domain controllers running in AWS using only the EC2:CreateSnapsho…
  ☆117Updated 5 years ago
• cinerieus / as3nt
  Another Subdomain ENumeration Tool
  ☆10Updated 2 years ago
• FortyNorthSecurity / Presentations
  Any presentation we've given at FortyNorth Security
  ☆33Updated 3 years ago
• tasooshi / exfilkit
  Data exfiltration utility for testing detection capabilities
  ☆57Updated 2 years ago
• andresriancho / vpc-vpn-pivot
  Pivot into private VPC networks using a VPN connection
  ☆41Updated 5 years ago
• BBhacKing / jwt_secrets
  A list of "secrets" from JWT sample code and readme files.
  ☆51Updated 4 years ago
• psychsecurity / Red-Team-Infrastructure
  Tooling and commands for common red team and Infrastructure testing tasks
  ☆41Updated last year
• appsecco / VyAPI
  VyAPI - A cloud based vulnerable hybrid Android App
  ☆84Updated 4 years ago
• mohitkhemchandani / OSCE_BIBLE
  A collection of OSCE preparation resources.
  ☆23Updated 5 years ago
• 3xpl01tc0d3r / Building-ActiveDirectory-Lab
  Building ActiveDirectory Lab for practicing various attack vectors used during Red Team engagement.
  ☆36Updated 4 years ago
• whoisflynn / AWAE-PREP
  This repository will serve as the "master" repo containing all trainings and tutorials done in preperation for OSWE in conjunction with t…
  ☆13Updated 5 years ago
• appsecco / using-docker-kubernetes-for-automating-appsec-and-osint-workflows
  Repository for all the workshop content delivered at nullcon X on 1st of March 2019
  ☆81Updated 5 years ago
• navisecdelta / PwnFile
  A dockerized, improved version of the Impacket smbserver.py
  ☆39Updated 5 years ago