AWSGoat : A Damn Vulnerable AWS Infrastructure

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

A graph-based tool for visualizing effective access and resource relationships in AWS environments.

Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readines…

A guide to writing a DNS Server from scratch in Rust

Learning Rust By Practice, narrowing the gap between beginner and skilled-dev through challenging examples, exercises and projects.

A self-paced course to learn Rust, one exercise at a time.

Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

Analyze ELF binaries like a boss 😼🕵️‍♂️

Use Terraform to create your own vulnerable by design AWS IAM privilege escalation playground.

Curated list of links, references, books videos, tutorials (Free or Paid), Exploit, CTFs, Hacking Practices etc. which are related to AWS Security

Lord Of Active Directory - automatic vulnerable active directory on AWS

AWS Certified Cloud Practitioner Short Notes And Practice Exams (CLF-C02)

OPC-UA GUI Client

A curated list of resources related to Industrial Control System (ICS) security.

A collection of awesome penetration testing resources, tools and other shiny things

Tools, tips, tricks, and more for exploring ICS Security.

The Leading Security Assessment Framework for Android.

Main BlueZ tree

The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.

A Bluetooth low energy capture the flag

Advanced: Bluetooth low energy capture the flag

A fork of mfoc integrating hardnested code from the proxmark

Wiki to collect Red Team infrastructure hardening resources

how to crack mifare 1k rfid card

Platform for emulation and dynamic analysis of Linux-based firmware

Script for searching the extracted firmware file system for goodies!

The Firmware Security Testing Methodology (FSTM) is composed of nine stages tailored to enable security researchers, software developers, consultants, and Information Security professionals with co…

Spoof SSDP replies and create fake UPnP devices to phish for credentials and NetNTLM challenge/response.