A list of useful payloads and bypass for Web Application Security and Pentest/CTF
-
Updated
Sep 16, 2024 - Python
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Hunt down social media accounts by username across social networks
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
Web path scanner
E-mails, subdomains and names Harvester - OSINT
List of Awesome Red Teaming Resources
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Red Teaming Tactics and Techniques
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Tools and Techniques for Red Team / Penetration Testing
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀
The all-in-one browser extension for offensive security professionals 🛠
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them among connected sibling servers (Villain instances running on different machines).
Attack Surface Management & Red Team Simulation Platform 互联网攻击面管理&红队模拟平台
Add a description, image, and links to the redteam topic page so that developers can more easily learn about it.
To associate your repository with the redteam topic, visit your repo's landing page and select "manage topics."