This is your work, valued
Red Team All The Things! @0xbfho
RedCsharp. Collection of C# projects. Useful for pentesting and redteaming.
325RedBlueNotes. Personal notes from Red teamer for Blue/Red/Purple.
58terraform-phishing. Build a phishing server (Gophish) together with SMTP-redirector (Postfix) automatically in Digital Ocean with terraform and ansible..
20notes. Personal notes for pentest, dfir and various offense/defense fun.
5pentest_compilation. Compilation of commands, tips and scripts that helped me throughout Vulnhub, Hackthebox, OSCP and real scenarios
3Aggressor-Scripts. Aggressor scripts for Cobalt Strike
3AD-security-workshop. Resources for our Active Directory security workshops
235c3ctf. 35C3 Junior CTF pwnables
231-days-of-API-Security-Tips. This challenge is Inon Shkedy's 31 days API Security Tips.
2Active-Directory-Exploitation-Cheat-Sheet. A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
2windows-security. Resources About Windows Security. 1100+ Open Source Tools. 3300+ Blog Post and Videos.
1routeros. RouterOS Bug Hunt Materials Presented at Derbycon 2018
1adversarial-threat-modelling. Supporting material for my presentation "Adversarial Threat Modelling — A Practical Approach to Purple Teaming in the Enterprise"
1RedFile. A flask wsgi application that serves files with intelligence, good for serving conditional RedTeam payloads
1byor. Build-Your-Own Ransomware: Python demo implementation (vibe coded)
1WebShell. Webshell && Backdoor Collection
1spoofing-office-macro. :fish: PoC of a VBA macro spawning a process with a spoofed parent and command line.
1Advanced-SQL-Injection-Cheatsheet. A cheat sheet that contains advanced queries for SQL Injection of all types.
1Empire. Empire is a PowerShell and Python 3.x post-exploitation framework.
1ThreatCheck. Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.
1malware-gems. A not so awesome list of malware gems for aspiring malware analysts
1allinfosecnews_sources. A list of online news & info sources in the InfoSec/Cybersecurity space
1deobfuscation-research. some paper/project/script about deobfuscation
1ADAPE-Script. Active Directory Assessment and Privilege Escalation Script
1SprayingToolkit. Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient.
1afl-training. Exercises to learn how to fuzz with American Fuzzy Lop
1