A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
-
Updated
Jun 7, 2024
Cybersecurity involves protecting systems, networks, and data from cyber threats. This field encompasses a wide range of practices and technologies designed to safeguard information from unauthorized access, attacks, damage, or theft. Cybersecurity includes preventive measures such as firewalls, encryption, and secure coding practices, as well as detection and response strategies like intrusion detection systems and incident response plans. This topic covers the principles, best practices, and latest trends in cybersecurity, including emerging threats and the evolving landscape of cyber defense.
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
ONYX: Cisco Automated Assessment and Auditing Tool (CAAAT). An open-source tool that automatically assesses and audits Cisco IOS routers against Center for Internet Security (CIS) Cisco IOS 15 Benchmark and Cisco IOS 17 Benchmark.
The Network Execution Tool
Agile Threat Modeling Toolkit
IOCs that appear in this repository are meant to be long-lasting indicators of compromise.
A (hopefully) actively maintained activity-based-autosorted list of InfoSec Streamers
Real-world infosec wordlists, updated regularly
An auto-updating list of shodan dorks with info on the amount of results they return!
HardenedBSD implements strong exploit mitigations and security hardening technologies on top of FreeBSD, with a direct focus on the nexus between human rights and information security. HardenedBSD is the first (and only) enterprise operating system to have every part of its public infrastructure accessible by human-rights focused technologies li…
Cybersecurity Knowledge Base
Gather and update all available and newest CVEs with their PoC.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Threat Hunting queries for various attacks
EMBA - The firmware security analyzer
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
My useful files for penetration tests, security assessments, bug bounty and other security related stuff
Gram is Klarna's own threat model diagramming tool
Active Directory ACL Visualizer and Explorer - who's really Domain Admin? (Commerical versions available from NetSection)
Created by The cybersecurity community