Cybersecurity Tools and Resources

This repository contains a curated collection of tools, scripts, and cheat sheets designed for penetration testing, exploit development, and security research. It includes both offensive and defensive tools, Proof-of-Concepts (POCs) for various vulnerabilities, and resources to aid security professionals in their work.

Table of Contents

1. Active Directory
2. Exploits
3. Pentesting Tools
4. Cheat Sheets
5. Web and Cloud Recon
6. Hash Cracking
7. Miscellaneous
8. Files and Tools
9. Contributing
10. License

Active Directory

• ADModule - PowerShell module for Active Directory exploitation.
• NTLM Relaying - Guide on NTLM relaying techniques.
• Active Directory Attack - Methods and tactics for attacking Active Directory.
• Active Directory Security - Resource for AD attack and defense strategies.
• BloodHound.py - Python tool for analyzing Active Directory trust relationships.
• BloodHound Custom Queries - Custom queries for BloodHound.
• Active Directory Exploitation Cheat Sheet - Cheat sheet for AD enumeration and attacks.
• AMSI Bypass (PowerShell) - Techniques for bypassing AMSI using PowerShell.

Exploits

• SMB Ghost POC (CVE-2020-0796) - POC for SMB Ghost (CVE-2020-0796).
• SAMBA CVE-2017-7494 - Remote code execution exploit for SAMBA CVE-2017-7494.
• Evil-WINRM - PowerShell remoting framework for pentesting.
• MitM6 - Tool for exploiting IPv6 attacks within IPv4 networks.
• Maximizing BloodHound - Guide for advanced BloodHound features.

Pentesting Tools

• PayloadsAllTheThings - Payloads for various vulnerabilities.
• MANSPIDER - SMB crawler for finding sensitive files.
• CrackMapExec - Tool for pentesting Windows/Active Directory.
• Big List of Naughty Strings - Test strings for input validation.
• PHP Reverse Shell - PHP script for reverse shells.

Cheat Sheets

• OSCP Cheat Sheet - Cheat sheet for OSCP certification.
• Bug Bounty Cheat Sheet - Guide for bug bounty hunters.
• Active Directory Cheat Sheet - AD enumeration and exploitation commands.

Web and Cloud Recon

• Subfinder - Subdomain enumeration tool.
• crt.sh - Certificate Transparency logs for finding subdomains.

Hash Cracking

• Hashcat Example Hashes - Example hashes supported by Hashcat.
• CrackStation - Tool for cracking hashes with large dictionaries.

Miscellaneous

• Nmap - Network scanner and vulnerability detection tool.
• Email Bomber - Tool for bulk email testing.
• Exploit DB - Archive of public exploits and vulnerabilities.

Files and Tools

• Accesschk.zip: Utility for viewing effective permissions.
• Active-Directory - Cheat-Sheet: Commands and tips for Active Directory.
• CVE-2020-0796-POC.zip: POC for SMB Ghost vulnerability.
• JuicyPotato.exe: Privilege escalation tool.
• LICENSE: Repository license file.
• Nishang: Collection of PowerShell scripts and payloads.
• OSCP Cheat Sheet: Tips for OSCP exam.
• Pentestmonkey: Tools and scripts for penetration testing.
• RCE SAMBA CVE-2017-7494: Remote code execution exploit for SAMBA.
• Rubeus.exe: Tool for interacting with Kerberos tickets.
• Seatbelt.exe: Post-exploitation enumeration tool.
• VC_redist.x64.exe: Microsoft Visual C++ Redistributable package.
• amsibypass.txt: AMSI bypass techniques.
• bugbounty-onliners.md: Bug bounty tips and tricks.
• evil-winrm: PowerShell-based WinRM client.
• kaliupdatescript: Script for updating Kali Linux.
• python_rev_shell.py: Python reverse shell script.
• test.php: PHP script for web application testing.
• tools.sh: Bash script with useful commands.
• windows_rev_shell_working.php: PHP script for reverse shell on Windows.

Contributing

Contributions are welcome! If you have additional tools, scripts, or resources to add, please submit a pull request.

License

This repository is licensed under the MIT License. See the LICENSE file for more details.