cisagov / pen-testing-findings
A collection of Active Directory, phishing, mobile technology, system, service, web application, and wireless technology weaknesses that may be discovered during a penetration test.
☆243Updated 2 years ago
Alternatives and similar repositories for pen-testing-findings:
Users that are interested in pen-testing-findings are comparing it to the libraries listed below
- ☆237Updated 2 months ago
- This repo contains my pentesting template that I have used in PWK and for current assessments. The template has been formatted to be used…☆208Updated 3 months ago
- ☆137Updated 3 years ago
- Active Directory Generator files for Movement, Pivoting, and Persistence for Pentesters and Ethical Hackers.☆209Updated 2 years ago
- Offensive security and Penetration Testing TTP for Cloud based environment (AWS / Azure / GCP)☆325Updated last month
- ☆475Updated 11 months ago
- Find CVEs associated to Linux and public exploits on github☆117Updated last year
- Halberd : Multi-Cloud Attack Platform☆256Updated 3 weeks ago
- Websec interview questions by tib3rius answered☆307Updated last year
- A OWASP Based Checklist With 80+ Test Cases☆141Updated 2 years ago
- This Repo serves as a collection of shared security and penetration testing resources for the cloud.☆261Updated 8 months ago
- A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud☆116Updated 2 years ago
- LOLAPPS is a compendium of applications that can be used to carry out day-to-day exploitation.☆184Updated last month
- autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump.py and hashcat☆109Updated last year
- ☆172Updated last year
- Recon MindMap (RMM)☆155Updated 10 months ago
- This repo contains IOC, malware and malware analysis associated with Public cloud☆249Updated 4 months ago
- This is a RSS feed collection for all the InfoSec Content Creators☆32Updated last year
- ☆162Updated 3 years ago
- CSbyGB PenTips Gitbook☆108Updated 3 weeks ago
- A collection of companies that disclose adversary TTPs after they have been breached☆244Updated 11 months ago
- Collection of offensive tools targeting Microsoft Azure☆206Updated 2 years ago
- An open-source self-hosted purple team management web application.☆265Updated this week
- Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @Webbi…☆239Updated 2 weeks ago
- A checklist to help students track their OSCP exercise progress.☆146Updated 2 years ago
- An automated Breach and Attack Simulation lab with terraform. Built for IaC stability, consistency, and speed.☆184Updated 9 months ago
- Azure mindmap for penetration tests☆179Updated last year
- Vulnerability scanner for AWS customer managed policies using ChatGPT☆150Updated last year
- Dredging up secrets from the depths of the file system☆125Updated 5 months ago
- Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.☆165Updated 5 months ago