#Cheatsheets#One place for all the default credentials to assist Blue/Red teamers in identifying devices with default passwords 🛡️
#Learning and skill development#A curated list of cybersecurity tools and resources.
#Awesome#Awesome Security lists for SOC/CERT/CTI
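Open-source intelligence (OSINT) tools aimed at Chinese developers and hackers: a list that mainly uses social ID tracking, enumeration, profiling and similar techniques to pinpoint potential attackers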
Halberd : Multi-Cloud Attack Platform
Some Pentesters, Security Researchers, Red Teamers from whom I learned a lot...
Collection of script templates to create infinite UAC prompts forcing a user to run as admin ⚠
WEB-Wordlist-Generator creates related wordlists after scanning your web applications.
A tool that allows you to document and assess any security automation in your SOC
urlyzer is a URL parsing analysis tool.
This is a repo for cybersecurity analysts collecting artifacts in an incident response case.
This script detects typosquatting domains by generating typo variations of a given domain name, checking if they return a valid HTTP response, and running a WHOIS lookup to determine if the domain is ...
Malware repository and analysis platform
A script that web-scrapes multiple webpages for known vulnerable Windows drivers, SHA256-hashes all system drivers, and looks for matching driver names and SHA256 hashes.
Go script that finds a matching hash or a diff of a target hash in a directory.
A script that checks for active connections to known malicious foreign IP addresses.
Convert Microsoft's driver blocklist to an EDR detection hash list for unsupported operating systems (e.g. Win 7, 8)
Generate malware traces for detection tests
Tools and Techniques for Blue Team / Incident Response