Payloads All The Things
A comprehensive list of useful payloads and bypasses for Web Application Security, including README.md files with vulnerability descriptions and exploitation techniques, Intruder files for Burp Intruder, images, and other referenced files. It also covers various attack techniques for Active Directory, Cloud services like AWS and Azure, Linux, Metasploit, network pivoting, reverse shells, subdomain enumeration, and Windows.
FEATURES
ALTERNATIVES
Very vulnerable ARM/ARM64[AARCH64] application with various levels of vulnerabilities for exploitation training.
An image with commonly used tools for creating a pentest environment easily and quickly, with detailed instructions for launching in a VPS.
Generates shellcode that loads Windows payloads from memory and runs them with parameters.
Python framework for building and utilizing interfaces to transfer data between frameworks with a focus on Command and Control frameworks.
CredMaster enhances password spraying tactics with IP rotation to maintain anonymity and efficiency.
Modern, asynchronous, multiplayer & multiserver C2/post-exploitation framework with Python 3 and .NETs DLR.
Mortar is an evasion technique to defeat and divert detection and prevention of security products, including AV, EDR, and XDR solutions.
A C2 profile generator for Cobalt Strike designed to enhance evasion.
PINNED
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.