Stars
An organized learning path on Clean Code, Test-Driven Development, Legacy Code, Refactoring, Domain-Driven Design and Microservice Architecture
PowerShell Digital Forensics & Incident Response Scripts.
KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.
ASLR bypass without infoleak
This repo contains IOC, malware and malware analysis associated with Public cloud
This repo is about Active Directory Advanced Threat Hunting
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
This challenge is Inon Shkedy's 31 days API Security Tips.
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
Pointing cybersecurity teams to thousands of detection rules and offensive security tests aligned with common attacker techniques
Covers various security approaches to attack techniques and also provides new discoveries about security breaches.
Codebase to generate an msdt-follina payload
Awesome free cloud native security learning labs. Includes CTF, self-hosted workshops, guided vulnerability labs, and research labs.
Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.
Detection Engineering is a tactical function of a cybersecurity defense program that involves the design, implementation, and operation of detective controls with the goal of proactively identifyin…
A library of Incident Response notebooks using Jupyter. We will show how you can leverage pre-defined notebook files to guide your incident responders in identifying, containing, eradicating, and r…
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
You didn't think I'd go and leave the blue team out, right?
A curated Cyber "Security Orchestration, Automation and Response (SOAR)" awesome list.
Really can protect from ransomware encryption?
The Red Rabbit project is just what a hacker needs for everyday automation. Red Rabbit, unlike most frameworks out there, does not automate other people's tools like the aircrack suite or the wifite f…
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
Shuffle: A general purpose security automation platform. Our focus is on collaboration and resource sharing.
It's a Docker environment for pentesting which has all the required tools for VAPT.
KrbRelayUp - a universal no-fix local privilege escalation in Windows domain environments where LDAP signing is not enforced (the default settings).