This is your work, valued

boh

Advanced
@boh

Red Team All The Things! @0xbfho

RedCsharp. Collection of C# projects. Useful for pentesting and redteaming.

325

RedBlueNotes. Personal notes from Red teamer for Blue/Red/Purple.

58

terraform-phishing. Build a phishing server (Gophish) together with SMTP-redirector (Postfix) automatically in Digital Ocean with terraform and ansible..

20

notes. Personal notes for pentest, dfir and various offense/defense fun.

5

pentest_compilation. Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios

3

Aggressor-Scripts. Aggressor scripts for Cobalt Strike

3

AD-security-workshop. Resources for our Active Directory security workshops

2

35c3ctf. 35C3 Junior CTF pwnables

2

31-days-of-API-Security-Tips. This challenge is Inon Shkedy's 31 days API Security Tips.

2

Active-Directory-Exploitation-Cheat-Sheet. A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

2

windows-security. Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.

1

routeros. RouterOS Bug Hunt Materials Presented at Derbycon 2018

1

adversarial-threat-modelling. Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"

1

RedFile. A flask wsgi application that serves files with intelligence, good for serving conditional RedTeam payloads

1

byor. Build-Your-Own Ransomware: Python demo implementation (vibe coded)

1

WebShell. Webshell && Backdoor Collection

1

spoofing-office-macro. :fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.

1

Advanced-SQL-Injection-Cheatsheet. A cheat sheet that contains advanced queries for SQL Injection of all types.

1

Empire. Empire is a PowerShell and Python 3.x post-exploitation framework.

1

ThreatCheck. Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

1

malware-gems. A not so awesome list of malware gems for aspiring malware analysts

1

allinfosecnews_sources. A list of online news & info sources in the InfoSec/Cybersecurity space

1

deobfuscation-research. some paper/project/script about deobfuscation

1

ADAPE-Script. Active Directory Assessment and Privilege Escalation Script

1

SprayingToolkit. Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient.

1

afl-training. Exercises to learn how to fuzz with American Fuzzy Lop

1