Link lists that I find useful or tasks to be done, will become more developed over time.
Useful LaTeX Links
- Clean BibTex ReferenceS: https://flamingtempura.github.io/bibtex-tidy
- Doi to BibTex: https://www.doi2bib.org/
- ISBN to BibTex: https://www.bibtex.com/c/isbn-to-bibtex-converter/
- Web to Bib: https://url-to-bibtex.vercel.app/
CTF’s
- https://owasp.org/www-project-juice-shop/ – TBD
- https://overthewire.org/ – TBD natas L16
Metasploit Learning
- https://www.offensive-security.com/metasploit-unleashed/
- https://github.com/AzeemIdrisi/PhoneSploit-Pro
Reconnaissance
- RustScan: https://github.com/RustScan/RustScan
- NmapAutomator: https://github.com/21y4d/nmapAutomator
- AutoRecon: https://github.com/Tib3rius/AutoRecon
- Amass: https://github.com/OWASP/Amass
- CloudEnum: https://github.com/initstring/cloud_enum
- Recon-NG: https://github.com/lanmaster53/recon-ng
- AttackSurfaceMapper: https://github.com/superhedgy/AttackSurfaceMapper
- DNSDumpster: https://dnsdumpster.com/
- Fav-Up: https://github.com/pielco11/fav-up
- PowerShell Portscanner: https://github.com/nccgroup/PS2/blob/main/ps2.ps1
Initial Access
- SprayingToolKit: https://github.com/byt3bl33d3r/SprayingToolkit
- o365Recon: https://github.com/nyxgeek/o365recon
- Psudohash: https://github.com/t3l3machus/psudohash
- CredMaster: https://github.com/knavesec/CredMaster
- DomainPasswordSpray: https://github.com/dafthack/DomainPasswordSpray
- TheSprayer: https://github.com/coj337/TheSprayer
- TREVORspray: https://github.com/blacklanternsecurity/TREVORspray
- SQL Cheatsheet: https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
Delivery
- o365AttackToolKit: https://github.com/mdsecactivebreach/o365-attack-toolkit
- EvilGinx2: https://github.com/kgretzky/evilginx2
- GoPhish: https://github.com/gophish/gophish
- PwnAuth: https://github.com/mandiant/PwnAuth
- Modlishka: https://github.com/drk1wi/Modlishka
Command and Control
- PoshC2: https://github.com/nettitude/PoshC2
- Sliver: https://github.com/BishopFox/sliver
- SILENTTRINITY: https://github.com/byt3bl33d3r/SILENTTRINITY
- Empire: https://github.com/BC-SECURITY/Empire
- AzureC2Relay: https://github.com/Flangvik/AzureC2Relay
- Havoc C2: https://github.com/HavocFramework/Havoc
Credential Dumping
- MimiKatz: https://github.com/gentilkiwi/mimikatz
- HekaTomb: https://github.com/Processus-Thief/HEKATOMB
- SharpLAPS: https://github.com/swisskyrepo/SharpLAPS
- Net-GPPPasswor: https://github.com/outflanknl/Net-GPPPassword
- PyPyKatz: https://github.com/skelsec/pypykatz
Privilege Escalation
- SharpUp: https://github.com/GhostPack/SharpUp
- MiltiPotato: https://github.com/S3cur3Th1sSh1t/MultiPotato
- PEASS: https://github.com/carlospolop/PEASS-ng
- Watson: https://github.com/rasta-mouse/Watson
- Bat-Potato: https://github.com/0x4xel/Bat-Potato
- Windows Priv Esc – https://sushant747.gitbooks.io/total-oscp-guide/content/privilege_escalation_windows.html
Defence Evasion
- Villain: https://github.com/t3l3machus/Villain
- EDRSandBlast: https://github.com/wavestone-cdt/EDRSandblast
- SPAWN – Cobolt Strike BOF: https://github.com/boku7/spawn
- Netloader: https://github.com/Flangvik/NetLoader
- KillDefenderBOF: https://github.com/Cerbersec/KillDefenderBOF
- ThreatCheck: https://github.com/rasta-mouse/ThreatCheck
- Freeze: https://github.com/optiv/Freeze
- GadgetToJScript: https://github.com/med0x2e/GadgetToJScript
- Mangle: https://github.com/optiv/Mangle
Cross-Site Scripting (XSS)
Cheetsheets
- https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/README.md
- https://cheatsheetseries.owasp.org/cheatsheets/XSS_Filter_Evasion_Cheat_Sheet.html
- https://github.com/EdOverflow/bugbounty-cheatsheet/blob/master/cheatsheets/xss.md
Payloads
- https://github.com/payloadbox/xss-payload-list
- https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/XSS%20Injection/Intruders/BRUTELOGIC-XSS-STRINGS.txt
Persistence
- SharPyShell: https://github.com/antonioCoco/SharPyShell
- SharpStay: https://github.com/0xthirteen/SharpStay
- SharpEventPersist: https://github.com/improsec/SharpEventPersist
Lateral Movement
- SCShell: https://github.com/Mr-Un1k0d3r/SCShell
- MoveKit: https://github.com/0xthirteen/MoveKit
- ImPacket: https://github.com/fortra/impacket
Exfiltration
- SharpExfiltrate: https://github.com/Flangvik/SharpExfiltrate
- DNSExfiltrator: https://github.com/Arno0x/DNSExfiltrator
- Egress-Assess: https://github.com/FortyNorthSecurity/Egress-Assess
Defence
IR List – https://github.com/meirwah/awesome-incident-response
DeepBlueCLI – https://github.com/sans-blue-team/DeepBlueCLI
Password Cracking
Penglab – https://github.com/mxrch/penglab