cisagov / pen-testing-findingsLinks
A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.
☆256Updated 3 years ago
Alternatives and similar repositories for pen-testing-findings
Users that are interested in pen-testing-findings are comparing it to the libraries listed below
Sorting:
- ☆243Updated 11 months ago
- A collection of companies that disclose adversary TTPs after they have been breached☆291Updated last month
- This Repo serves as a collection of shared security and penetration testing resources for the cloud.☆290Updated last year
- Find CVEs associated to Linux and public exploits on github☆119Updated 8 months ago
- GCPGoat : A Damn Vulnerable GCP Infrastructure☆422Updated last year
- Halberd : Multi-Cloud Agentic Attack Tool☆327Updated this week
- List of tools and resources for pentesting Microsoft Active Directory☆111Updated 5 months ago
- This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used…☆236Updated last year
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat☆109Updated 2 years ago
- An open-source self-hosted purple team management web application.☆295Updated last week
- This is a RSS feed collection for all the InfoSec Content Creators☆33Updated 2 years ago
- ☆67Updated 3 years ago
- Domain_checker application is the trial/demo version for the new EASM (External Attack Surface Management) system called HydrAttack (hydr…☆189Updated last year
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Updated last year
- ☆174Updated 2 years ago
- Websec interview questions by tib3rius answered☆308Updated 2 years ago
- Completely Risky Active-Directory Simulation Hub☆102Updated 2 years ago
- Repository with some necessary information for you to create your PenTest consultancy☆100Updated 11 months ago
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆138Updated 3 years ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆343Updated 9 months ago
- Certainly is a offensive security toolkit to capture large amounts of traffic in various network protocols in bitflip and typosquat scena…☆221Updated last year
- Dredging up secrets from the depths of the file system☆131Updated last year
- ☆192Updated 8 months ago
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆274Updated 7 months ago
- A simple Bash script to automate some organization and repetitive tasks while doing TryHackMe or HackTheBox machines☆38Updated 2 years ago
- All the deals for InfoSec related software/tools this Black Friday☆258Updated 3 weeks ago
- Welcome to Project KillChain, a comprehensive GitHub repository for Red and Blue Teams. This repository houses tools, scripts, technique…☆110Updated last year
- An automated Adversary Emulation lab with terraform and MCP server. Build Caldera techniques and operations assisted with LLMs. Built f…☆203Updated last month
- A tool to keep AWS pentests and red teams efficient, organized, and stealthy.☆96Updated last year
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆194Updated 10 months ago