• Stars
    star
    234
  • Rank 171,630 (Top 4 %)
  • Language
  • Created about 5 years ago
  • Updated about 5 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

This repository will contain all trainings and tutorials I have done/read to prepare for OSWE / AWAE.

AWAE-Preparation

This repository will contain all trainings and tutorials I have done/read to prepare for OSWE.

Course Syllabus:

https://www.offensive-security.com/documentation/awae-syllabus.pdf

Before AWAE:

I would not recommend taking the course before at least; finishing all SQL and XSS Injection challenges in bWAPP https://sourceforge.net/projects/bwapp/files/bee-box/ and being able to understand and debug different languages like C#, Php, Java, and Javascript.

Before The Exam:

The Web Application Hacker's Handbook is your friend. The negative part of AWAE course is that they did not include enough methodologies for vulnerability discovery, thus, I strongly recommend reading Chapter 21 from The Web Application Hacker's Handbook , and be comfortable debugging C#, Java, Php, and Javascript, using Burp Suite, dnSpy, JD-GUI, Visual Studio, and writing custom PoC in at least one language :).

🐦 @Mohdcsec

More Repositories

1

CVE-2021-23017-PoC

PoC for Nginx 0.6.18 - 1.20.0 Memory Overwrite Vulnerability CVE-2021-23017
Python
92
star
2

M-Botnet

A C2 project that controls a self-propagating MS17-010 worm.
C
64
star
3

Kali-TX

Customized Kali Linux - Ansible playbook
Python
64
star
4

BlueDucky

A blue-team tool, creates a list of USB-Rubber-Ducky instructions.
Python
35
star
5

Vulnerable-AD-Lab

Automate the build of a vulnerable AD environment.
PowerShell
29
star
6

Miner

Local Privilege Escalation Miner
PowerShell
22
star
7

Restless

A light C# implant that bypasses Windows Firewall and Defender
C#
21
star
8

AutomatedHunter

Google Chrome Extension automates testing fundamental Web Problems via Chrome
JavaScript
21
star
9

6-Eyed-Spider

Post-exploitation tool collects data going out and coming into the browser and makes use of it.
Python
19
star
10

nmap-vulnerability-scan-scripts

nmap detection scripts for CVE-2022-45477, CVE-2022-45479, CVE-2022-45482, CVE-2022-45481
Lua
11
star
11

Nemo

A copy of my little beautiful malware I used in IRSeC 2019
C#
10
star
12

HackMeGPT

Vulnerable LLM Application
Python
10
star
13

Android-Tester-Panel-App

It provides configurable shortcuts to help make the pre-qual/testing process more efficient.
Java
9
star
14

Tunnel-Manager

GUI manager for network tunnels developed for Command and Control systems.
Python
9
star
15

Bfsense

Malicious patch for Pfsense router to perform Red Team activities.
PHP
7
star
16

Its-ours-now

This tool backs up all downloaded files during the malware execution period and helps the dynamic malware analysis process.
C#
6
star
17

CVE-2024-32002

local poc for CVE-2024-32002
Shell
6
star
18

Guessing-passwords-using-machine-learning

ML experiment
Python
5
star
19

Quick-and-Dirty-Recon

Quick and dirty reconnaissance hacks for BB and pentesting
C
5
star
20

tlde

Fast TLD parser in Go
Go
4
star
21

TorMultiplier

Creates multiple Tor sockets
Python
4
star
22

Covert-Channel-by-Exploiting-HTTP-Post

A post-exploitation script that sniffs for POST req data and covertly sends it back to the attackers server using TCP SYN ISN
Python
3
star
23

QSearchSploit

Customized outputs for SearchSploit
Python
2
star
24

CellTower

Shell
2
star
25

Proof-of-Concept-CSharp-Ransomware

Low-hanging fruit deployed in IRSeC 2021
C#
2
star
26

I-WILL-FIND-U-AND-I-WILL-KILL-U

Python
2
star
27

Rabin-Miller-Algorithm-in-Cryptography

Primality Testing with Rabin-Miller Algorithm in Cryptography
Python
2
star
28

RandMalware

RandMalware randomly selects malware and deploys it.
1
star
29

Ansible-SOS-Agents-Installation-On-Clients

To deploy Wazuh, Kolide Fleet launcher, OSquery, Winlogbeat, Rsyslog agents for Windows and Linux.
Shell
1
star
30

Regex-Jungle

regex.shellcode.blog
HTML
1
star
31

CVE-2017-13156

To determine if an APK is vulnerable to CVE-2017-13156
Python
1
star