Repositório criado com intuito de reunir informações, fontes(websites/portais) e tricks de OSINT dentro do contexto Brasil.

An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

KeePassXC is a cross-platform community-driven port of the Windows application “Keepass Password Safe”.

This repo contains IOC, malware and malware analysis associated with Public cloud

PrivKit is a simple beacon object file that detects privilege escalation vulnerabilities caused by misconfigurations on Windows OS.

VMWare Aria Operations for Networks (vRealize Network Insight) Static SSH key RCE (CVE-2023-34039)

An open-source intelligence (OSINT) analysis tool leveraging GPT-powered embeddings and vector search engines for efficient data processing

Vcenter综合渗透利用工具包 | Vcenter Comprehensive Penetration and Exploitation Toolkit

Remote Shellcode Injector

Attack surface detector that identifies endpoints by static analysis

SMS/Email/Whatsapp/Twitter/Instagram bombers Collection 💣💣💣 💥 Also added collection of some Fake SMS utilities which helps in skip phone number based SMS verification by using a temporary phone num…

Digital Forensics Incident Response and Detection engineering: Análisis forense de artefactos comunes y no tan comunes. Técnicas anti-forense y detección de técnicas utilizadas por actores malicios…

Understanding WinRAR Code Execution Vulnerability (CVE-2023-38831)

This project is a Python script that exploits the CVE-2023-24489 vulnerability in ShareFile. It allows remote command execution on the target server. The script supports both Windows and Linux (On …

This PowerShell script allows you to query VirusTotal API for threat intelligence data. Given an input CSV file containing a list of IPs, URLs, or file hashes, the script will contact VirusTotal AP…

🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Pers…

Hardens Windows Server to CIS Standards

Original PoC for CVE-2023-30367

This cheatsheet is built for the Bug Bounty Hunters and penetration testers in order to help them hunt the vulnerabilities from P4 to P1 solely and completely with "BurpSuite".

This cheatsheet was created to assist Red Teamers and Penetration Testers in hunting down vulnerabilities using "Nmap."

This cheasheet is aimed at the CTF Players and Beginners to help them sort Hack The Box Labs on the basis of Operating System and Difficulty.

This cheatsheet is aimed at the Red Teamers to help them understand the fundamentals of Credential Dumping (Sub Technique of Credential Access) with examples. There are multiple ways to perform the…

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.

All reasonably stable tools

This GitHub page shows the CISO Tradecraft Podcast broken down by Topic

Esse guia contém todas as informações necessárias para se introduzir na área de segurança da informação, dessa maneira, você encontrará, cursos, indicações de livros, roadmaps, playlists, certifica…

VirusTotal public API implementation in Delphi