Top Rating
- Top Contributors
  Discover the Top Open Source contributors by country or by language
- Interviews
  Discover real stories from Open Source developers
Discover

Discover your Favorite Language
Discover the top trending repositories and projects on Github. Explore the latest trends in your preferred languages.

Shell

JavaScript

Elixir

Emacs Lisp

CSS

Assembly

Swift

C#

More Languages
Awesome

Awesome repositories
Discover the most awesome repositories and projects of your favorite languages. Inspired by the Awesome-* lists trend in GitHub.

Kotlin

Swift

Objective-C

Java

C

Python

PHP

C#

More Languages
By Country

Rankings by Country
Discover the community of talented open source contributors in each country.

🇨🇼 Curaçao

🇧🇴 Bolivia

🇵🇭 Philippines

🇹🇼 Taiwan

🇹🇯 Tajikistan

🇬🇦 Gabon

🇬🇷 Greece

🇬🇪 Georgia

All Countries Compare Countries

kh4sh3i/exchange-penetration-testing

Stars
29
Rank 832,402 (Top 17 %)
Language
PowerShell
License
Creative Commons ...
Created almost 2 years ago
Updated 12 months ago

kh4sh3i/exchange-penetration-testing

kh4sh3i

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

The great Microsoft exchange hack: A penetration tester’s guide (exchange penetration testing)

ICS-Pentesting-Tools

A curated list of tools related to Industrial Control System (ICS) security and Penetration Testing

smartrecon

smartrecon is a powerful shell script to automate the recon and finding common vulnerabilities for bug hunter

cloud-penetration-testing

A curated list of cloud pentesting resource, contains AWS, Azure, Google Cloud

Ransomware-Samples

Small collection of Ransomware organized by family.

bug-bounty-writeups

A curated list of available Bug Bounty & Disclosure Programs and Write-ups.

Apache-Tomcat-Pentesting

Apache Tomcat exploit and Pentesting guide for penetration tester

Penetration-Testing-Interview-Questions

Penetration Testing Interview Questions

wifi-password-stealer

steal saved wifi passwords in a computer & ip of target then report them through email.

Application-Security-Interview-Questions

Here are some common interview questions for an application security position you can review for your own interview, along with example answers

Ransomware

Ransomware Simulator for Blue team ,Ransomware Simulator for Red team ,Ransomware infographic, open source Anti Ransomware, Ransomware As A Service and Ransomware protection technologies

security-mindmap

This repository stores various roadmap(Mindmaps) for bug bounty Hunter, pentester, offensive(red team), defensive(blue team) and security Professional people

Malware-Analysis

A curated list of awesome malware analysis tools and resources

Spring-CVE

This includes CVE-2022-22963, a Spring SpEL / Expression Resource Access Vulnerability, as well as CVE-2022-22965, the spring-webmvc/spring-webflux RCE termed "SpringShell".

ProxyShell

CVE-2021-34473 Microsoft Exchange Server Remote Code Execution Vulnerability

CVE-2022-23131

Zabbix - SAML SSO Authentication Bypass

xmlrpc-exploit

Exploiting the xmlrpc.php on all WordPress versions

FFUF-Tricks

Describe how to use ffuf different options with examples

DDoS-Attack

DDoS Attack and type of ddos attack and ddos mitigation approach

Shodan-Dorks

a curated list of shodan dorks for finding sensitive data in shodan.io

ElasticSearch-Pentesting

ElasticSearch exploit and Pentesting guide for penetration tester

Active-Directory-Attacks

A curated list of awesome Active Directory Penetration Testing and attack resources

DevSecOps

Collection and Roadmap for everyone who wants DevSecOps, contains list of tools and methodologies

Smishing-Botnets

Smishing Botnets Going Viral in Iran

Cyber-Threat-Hunting

A curated list of threat detection and hunting resources

Cloud-Flaws-CTF

flAWS.cloud and flAWS2.cloud Interactive tutorial/CTFs to learn common AWS security mistakes.

Bug-Hunting-Handbook

Bug Hunting Handbook

Nextcloud-Pentesting

Nextcloud exploit and Pentesting guide for penetration tester

Fresh-Resolvers

List of fresh DNS resolvers updated daily

bruteforce-http-authentication

Bruteforce HTTP Authentication. Supports: Basic HTTP authentication ,Digest HTTP authentication

ProxyLogon

ProxyLogon (CVE-2021-26855+CVE-2021-27065) Exchange Server RCE (SSRF->GetWebShell)

RabbitMQ-Pentesting

RabbitMQ exploit and Pentesting guide for penetration tester

CVE-2022-26134

[PoC] Atlassian Confluence (CVE-2022-26134) - Unauthenticated OGNL injection vulnerability (RCE)

PHP-Interview-Questions

a curated list of php interview questions and answers

cyber-attacks-in-iran

A curated list of awesome cyber attacks in iran, we want to review and explain some advanced attack that happened in iran, in order to learned some security tips.

Webmin-CVE

a Curated list of Webmin vulnerability for penetration tester

open-DNS-resolver

DNS Open resolvers or Open DNS resolver vulnerability are type of DNS amplification attack.

Python-Interview-Questions

a curated list of Python interview questions and answers

CVE-2023-38646

Metabase Pre-auth RCE (CVE-2023-38646)

GitLab-SSRF-CVE-2021-22214

POC for CVE-2021-22214: Gitlab SSRF

Gitlab-CVE

a Curated list of gitlab vulnerability

FortiWeb

FortiWeb is a web application firewall (WAF)

kh4sh3i

Favicon-Hash

Calculate Favicon Hash for Shodan

CKEditor-Pentesting

Grafana-CVE

a Curated list of Grafana Security Vulnerabilities, CVE & exploit

Splunk

a useful tutorial about splunk and security splunk app

97-Tests-for-Authentication-API

97 JSON Tests for Authentication Endpoints

Redis-Pentesting

Redis exploit and Pentesting guide for penetration tester

CVE-2021-30573

Google Chrome Vulnerabilities CVE-2021-30573 allowed a remote attacker to potentially exploit heap corruption