NIST-to-Tech
pentesting-active-directory
| NIST-to-Tech | pentesting-active-directory | |
|---|---|---|
| 2 | 2 | |
| 104 | 263 | |
| - | - | |
| 3.9 | 1.6 | |
| 4 months ago | about 1 year ago | |
| GNU General Public License v3.0 only | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
NIST-to-Tech
-
List of Open Source Security Tools
Reminds me a bit of a GitHub repo I started that maps closed and open source tools to the NIST CSF: https://github.com/mikeprivette/NIST-to-Tech
- Cyber security tools that combats phishing detection in emails
pentesting-active-directory
-
AD privEsc
It's public, https://github.com/esidate/pentesting-active-directory
-
Active Directory Pentesting mind map by Orange Cyberdefense
An Active Directory Pentesting mind map that was deleted by the original author from Xmind
What are some alternatives?
awesome-security-hardening - A collection of awesome security hardening guides, tools and other resources
MicrosoftWontFixList - A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Application-Security-Engineer-Interview-Questions - Some of the questions which i was asked when i was giving interviews for Application/Product Security roles. I am sure this is not an exhaustive list but i felt these questions were important to be asked and some were challenging to answer
Villain - Villain is a C2 framework that can handle multiple TCP socket & HoaxShell-based reverse shells, enhance their functionality with additional features (commands, utilities etc) and share them among connected sibling servers (Villain instances running on different machines).
PWF - Practical Windows Forensics Training
GoodHound - Uses Sharphound, Bloodhound and Neo4j to produce an actionable list of attack paths for targeted remediation.
CS7038-Malware-Analysis - Course Repository for University of Cincinnati Malware Analysis Class (CS[567]038)
A-Red-Teamer-diaries - RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
gitlab-watchman - Finding exposed secrets and personal data in GitLab
BypassAV - This map lists the essential techniques to bypass anti-virus and EDR
boobsnail - BoobSnail allows generating Excel 4.0 XLM macro. Its purpose is to support the RedTeam and BlueTeam in XLM macro generation.
Firecrack - :fire: Firecrack pentest tools: Facebook hacking random attack, deface, admin finder, bing dorking: