GFPGAN aims at developing Practical Algorithms for Real-world Face Restoration.

OSWE, OSEP, OSED, OSEE

Research code & papers from members of vx-underground.

A tool used to check if a CNAME resolves to the scope address. If the CNAME resolves to a non-scope address it might be worth checking out if subdomain takeover is possible.

File formats dissections and more...

Attack and defend active directory using modern post exploitation adversary tradecraft activity

Example files to experience basic exploit techniques.

A tool for harvesting sysadmin credentials in Linux

A Course on Intermediate Level Linux Exploitation

A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development

A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Develo…

My curated list of awesome links, resources and tools on infosec related topics

Dark clean theme for jekyll

🌐 Jekyll is a blog-aware static site generator in Ruby

Windows Packer Templates

Metasploitable3 is a VM that is built from the ground up with a large amount of security vulnerabilities.

Pentest Lab on OpenStack with Heat, Chef provisioning and Docker

SQLI labs to test error based, Blind boolean based, Time based.

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

Wiki to collect Red Team infrastructure hardening resources

📁 #AISecurity

Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!

An authoritative list of awesome devsecops tools with the help from community experiments and contributions.

QEMU Interactive Runtime Analyser

Micro$oft Windows Hacking Pack

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers. If you have a good idea, please share it with others.

Post Exploitation Collection

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…