CLI Terminal Theme for Wordpress

Terminal Emulators

Scan for misconfigured S3 buckets across S3-compatible APIs!

Hands-on Security Labs focused on Azure IaaS Security

Azure AD cheatsheet for the CARTP course

Active Directory and Internal Pentest Cheatsheets

Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.

A collection of awesome penetration testing resources, tools and other shiny things

This repo offers notes and resources on ethical hacking, covering information gathering, scanning, web hacking, exploitation, and Windows/Linux hacking.

Host and manage multiple Juice Shop instances for security trainings and Capture The Flags

🚨ATTENTION🚨 The Security Stack Mappings have migrated to the Center’s Mappings Explorer project. See README below. This repository is kept here as an archive.

Process documentation, non-code deliverables, and miscellaneous artifacts of Kubernetes SIG Security

A curated list for Awesome Kubernetes Security resources

Knowledge needed to obtain the OSCP certification

An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.

Kubernetes Goat is a "Vulnerable by Design" cluster environment to learn and practice Kubernetes security using an interactive hands-on playground 🚀

Awesome list for cloud security related projects

Identify privilege escalation paths within and across different clouds

Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

Peirates - Kubernetes Penetration Testing tool

Small utility to chunk up a large BloodHound JSON file into smaller files for importing.

Azure Data Exporter for BloodHound

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Custom Query list for the Bloodhound GUI based off my cheatsheet

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

A tool for checking if MFA is enabled on multiple Microsoft Services

PowerShell framework to assess Azure security