https://github.com/CyberSecurityUP/information-security-relatory(Cybersecurity-Documentations)
https://github.com/mttaggart/shell-setup
https://start.me/p/AD57Rr/dfir-jedi
https://github.com/tguard-soc-package/nusantara (SOC in One)
https://www.joesandbox.com/ (Sandbox)
https://any.run/ (Sandbox)
https://github.com/rohitcoder/hawk-eye [HAWK Eye - Uncover Secrets and PII Across All Platforms in Minutes!]
https://github.com/lc/gau (GetALlUrls)
https://github.com/CyberSecurityUP/Digital-Footprint-Checklist/blob/main/checklist-english-version.md (Digital Footprint)
https://github.com/jasonxtn/argus (Reccommened)
https://github.com/loxy0dev/RedTiger-Tools (New Tool)
https://github.com/skahwah/SQLRecon
https://github.com/RedSiege/EyeWitness
https://github.com/xaitax/SploitScan
https://github.com/ANG13T/skytrack
https://github.com/Lissy93/web-check (https://web-check.xyz/) WEB OSINT
https://github.com/neonprimetime/PhishingKitTracker/blob/master/2020-05_PhishingKitTracker.csv (Phishing)
https://github.com/htr-tech/zphisher (Phishing)
https://github.com/gophish/gophish/releases (Phishing Recommended) Install in a VPS you can use Digital Ocean
https://github.com/arminc/clair-scanner (Docker Vulnerability Scanner)
https://github.com/Cybersecurity-Ethical-Hacker/xssdynagen
https://github.com/XiaoliChan/wmiexec-Pro
https://github.com/brightio/penelope (Reverse Shell tool)
https://github.com/osamaavvan/NTLM-Stealer-PDF/tree/main (NTLM Stealer pdf version)
https://github.com/outflanknl/RedELK (Red Team SIEM)
https://github.com/nicocha30/ligolo-ng (Tunnelling)
https://github.com/LasCC/HackTools
https://github.com/dievus/BlackLister
https://github.com/Pennyw0rth/NetExec
https://github.com/ropnop/kerbrute.git (AD Bruteforce)
https://github.com/GhostPack/Seatbelt (Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.)
https://github.com/PlumHound/PlumHound.git
https://github.com/SnaffCon/Snaffler?tab=readme-ov-file
https://github.com/daniellowrie/ActiveDirectory-Pentest-Resources/blob/main/README.md
https://github.com/search?q=nuclei&type=repositories
https://github.com/projectdiscovery/subfinder
https://github.com/netsecurity-as/subfuz
https://github.com/blackhatethicalhacking/DDoSlayer.git (Denial Of Service Tool)
https://github.com/Stuub/Helios (XSS Scan Tool)
https://github.com/mandatoryprogrammer/xsshunter-express (Blind XSS)
https://github.com/blacklanternsecurity/bbot(Recommended subdomain finder)
https://github.com/projectdiscovery/httpx
https://github.com/CyberSecurityUP/Offensivesecurity-Checklists
https://github.com/pentestmonkey/php-reverse-shell/blob/master/php-reverse-shell.php
https://github.com/reswob10/HomeLabResources
https://github.com/Az0x7/vulnerability-Checklist
https://github.com/Tylous/FaceDancer?tab=readme-ov-file#how-to-use
https://github.com/0xrajneesh/Ethical-Hacking-Projects-for-beginners
https://github.com/0xrajneesh/Incident-Response-Projects-for-Beginners
https://github.com/0xrajneesh/Web-Pentesting-Projects-For-Beginners
https://github.com/hafiz-ng/beetlebug (Android Hacking)
https://github.com/securitytemplates/sectemplates/tree/main/incident-response/v1
https://highon.coffee/blog/penetration-testing-tools-cheat-sheet/
https://github.com/xxooxxooxx/xxooxxooxx.github.io/wiki/OSCP-Survival-Guide
https://github.com/RustyShackleford221/OSCP-Prep.git
https://guide.offsecnewbie.com/
https://gist.github.com/kkirsche/75a8b48e58f80223f4a73c18739446dd
https://github.com/swisskyrepo/PayloadsAllTheThings (Payloads)
https://room362.com/post/2011/2011-05-16-dumping-hashes-on-win2k8-r2-x64-with-metasploit/
https://scund00r.com/all/oscp/2018/02/25/passing-oscp.html#enumeration
https://github.com/rewardone/OSCPRepo/tree/master/KeepNotes/BookmarkList
https://sushant747.gitbooks.io/total-oscp-guide/
https://ptestmethod.readthedocs.io/en/latest/index.html
https://blog.ropnop.com/practical-usage-of-ntlm-hashes/
https://github.com/burntmybagel/OSCP-Prep
https://exploitedbunker.com/articles/pentest-cheatsheet/
https://github.com/moshekaplan/pentesting_notes/
https://forum.hackthebox.eu/discussion/612/oscp-practice
https://www.hypn.za.net/blog/2017/08/27/compiling-exploit-764-c-in-2017/
https://github.com/Snifer/security-cheatsheets
http://www.lifeoverpentest.com/
https://hausec.com/pentesting-cheatsheet/#_Toc475368977
https://github.com/tanprathan/MobileApp-Pentest-Cheatsheet/blob/master/README.md
https://github.com/uppusaikiran/awesome-ctf-cheatsheet#awesome-ctf-cheatsheet-
https://github.com/brcyrr/CyberSecurityRoadmapSuggestions
https://github.com/netsecurity-as/subfuz/blob/master/subdomain_megalist.txt
https://github.com/danielmiessler/SecLists/tree/master/Discovery/DNS
https://github.com/TCM-Security/pnpt-wordlists
https://github.com/Cy-clon3/awesome-ios-security
https://danaepp.com/hacking-modern-android-apps-with-burpsuite (Mobile App Pentest)
github.com/RyanJarv/awesome-cloud-sec
https://github.com/iknowjason/Awesome-CloudSec-Labs
https://github.com/RedTeamOperations/RedCloud-OS
https://github.com/CyberSecurityUP/OSCE3-Complete-Guide
https://github.com/CyberSecurityUP/Red-Team-Exercises
https://t.co/b9Gds7MTx4 (OSCP)
π΄ RECONNAISSANCE:
- RustScan ==> https://lnkd.in/ebvRfBNy
- NmapAutomator ==> https://lnkd.in/gu5wxzf6
- AutoRecon ==> https://lnkd.in/g3DeG6YT
- Amass ==> https://lnkd.in/e7V569N5
- CloudEnum ==> https://lnkd.in/ePHDeGZv
- Recon-NG ==> https://lnkd.in/edwaXFjS
- AttackSurfaceMapper ==> https://lnkd.in/ebbcj6Rm
- DNSDumpster ==> https://dnsdumpster.com/
π΄ INITIAL ACCESS:
- SprayingToolKit ==> https://lnkd.in/eBSAPz5z
- o365Recon ==> https://lnkd.in/eJwCx-Ga
- Psudohash ==> https://lnkd.in/gcaxV6fR
- CredMaster ==> https://lnkd.in/gtMEDVuS
- DomainPasswordSpray ==> https://lnkd.in/guWj4TYv
- TheSprayer ==> https://lnkd.in/gZVuQYiv
- TREVORspray ==> https://lnkd.in/gHgcbjgV
π΄ DELIVERY:
- o365AttackToolKit ==> https://lnkd.in/etCCYi8y
- EvilGinx2 ==> https://lnkd.in/eRDPvwUg
- GoPhish ==> https://lnkd.in/ea26dfNg
- PwnAuth ==> https://lnkd.in/eqecM7de
- Modlishka ==> https://lnkd.in/eds-dR5C
π΄ COMMAND AND CONTROL:
- PoshC2 ==> https://lnkd.in/eqSJUDji
- Sliver ==> https://lnkd.in/ewN9Nday
- SILENTTRINITY ==> https://lnkd.in/eeZGbYMs
- Empire ==> https://lnkd.in/egAPa8gY
- AzureC2Relay ==> https://lnkd.in/efmh2t3g
- Havoc C2 ==> https://lnkd.in/gEFp2iym
- Mythic C2 ==> https://lnkd.in/gnCGwfWk
π΄ CREDENTIAL DUMPING:
- MimiKatz ==> https://lnkd.in/etEGfvJK
- HekaTomb ==> https://lnkd.in/eJx5Ugu5
- SharpLAPS ==> https://lnkd.in/eA28n9FT
- Net-GPPPassword ==> https://lnkd.in/e3CTez5A
- PyPyKatz ==> https://lnkd.in/eeb5b6Tz
π΄ PRIVILEGE ESCALATION:
- SharpUp ==> https://lnkd.in/etR2Pe_n
- MultiPotato ==> https://lnkd.in/eq53PXcJ
- PEASS ==> https://lnkd.in/eWA66akh
- Watson ==> https://lnkd.in/eZfYMSMX
- Bat-Potato ==> https://lnkd.in/gjziyG8q
π΄ DEFENSE EVASION:
- Villain ==> https://lnkd.in/gquyGFm5
- EDRSandBlast ==> https://lnkd.in/e8g8zYFT
- SPAWN - Cobalt Strike BOF ==> https://lnkd.in/e223PbqZ
- NetLoader ==> https://lnkd.in/ef5wCD4y
- KillDefenderBOF ==> https://lnkd.in/eVd54HUp
- ThreatCheck ==> https://lnkd.in/eHvSPakR
- Freeze ==> https://lnkd.in/eNUh3zCi
- GadgetToJScript ==> https://lnkd.in/egPQBBXJ
π΄ PERSISTENCE:
- SharPyShell ==> https://lnkd.in/eXm8h8Bj
- SharpStay ==> https://lnkd.in/erRbeFMj
- SharpEventPersist ==> https://lnkd.in/e_kJFNiB
π΄ LATERAL MOVEMENT:
- SCShell ==> https://lnkd.in/e256fC8B
- MoveKit ==> https://lnkd.in/eR-NUu_U
- ImPacket ==> https://lnkd.in/euG4hTTs
π΄ EXFILTRATION:
- SharpExfiltrate ==> https://lnkd.in/eGC4BKRN
- DNSExfiltrator ==> https://lnkd.in/epJ-s6gp
- Egress-Assess ==> https://lnkd.in/eXGFPQRJ