Packt SecPro – Secret Knowledge – Rewards Edition 💰
Red Team
Blue Team
Pentesting tools
K8s Security
AWS IAM
Network (DNS/HTTP)
Threat Intelligence
Incident Response
DevSecOps
Risk Assessment ✅
Frameworks and Standards
Secrets Management
Cheat Sheets
Bug Bounty Platforms
Practice Labs
Other Resources
Red Team 🔴
🔸 Red-Teaming-Toolkit: A repository of innovative open-source security tools (OST) for red teamers and threat hunters 🛠
🔸 zeroapk: A straightforward way to download all APKs published under a given company name
🔸 A-Red-Teamer-diaries: A curated collection of Red Team/pentest notes and experiments, tested on several infrastructures during professional engagements
🔸 ImpulsiveDLLHijack: A C#-based tool that automates discovering and exploiting DLL hijacks in target binaries; the hijackable paths it finds can be weaponized during Red Team operations to evade EDRs
🔸 Jasmin-Ransomware: An advanced red team tool (a WannaCry clone) for simulating real ransomware attacks, helping security researchers address the risk of external attacks
🔸 red-team-scripts: A collection of Red Team focused tools, scripts, and notes
🔸 RedTeam-OffensiveSecurity: A productive set of tools and interesting hacks for Red Team ops
🔸 RedELK: Also known as the Red Team's SIEM, a tool that lets Red Teams track and raise alarms on Blue Team activity, with improved performance and usability
🔸 Hack-Tools: A web extension for Red Team ops, used for web application penetration testing
🔸 redsnarf: A pentesting/red-teaming tool for Windows environments
Blue Team 🔵
🔸 BinaryDefense/artillery: An open-source blue team tool designed to secure Linux and Windows systems through multiple methodologies
🔸 Vanguards - A version 3 Onion service guard discovery attack mitigation script, intended for eventual inclusion in Tor core
🔸 OnionBalance - Load balancing for Onion services that makes them more resilient and reliable by eliminating single points of failure
🔸 Certbot - Automates the issuance and renewal of TLS certificates from the Let's Encrypt root CA, with plugins that configure various web and mail server software
🔸 MITMEngine - A Golang library for server-side detection of TLS interception events
🔸 Malware Information Sharing Platform and Threat Sharing (MISP) - An open-source platform for collecting, storing, distributing, and sharing cyber security indicators
🔸 Open Source Vulnerabilities (OSV) - A vulnerability database and triage infrastructure for open-source projects, aimed at helping both open-source maintainers and users of open source
🔸 PingCastle - An Active Directory vulnerability detection and reporting tool
🔸 WireGuard - A simple and fast VPN that uses state-of-the-art cryptography
🔸 WMI Monitor - Logs newly created WMI consumers and writes them to the Windows Application event log
Pentesting tools 🔨
🔸 Burp Suite - Tool for testing web app security; an intercepting proxy to replay, inject, scan and fuzz
🔸 Sn1per - Automated pentest framework for offensive security experts
🔸 pentestpackage - A package of pentest scripts
🔸 python-pentest-tools - Python tools for penetration testers
🔸 Ghidra - Software reverse engineering (SRE) framework
🔸 pwndbg - Exploit development and reverse engineering with GDB made easy
🔸 IDA - Multi-processor disassembler and debugger, useful for reverse engineering malware
🔸 Raccoon - High-performance offensive security tool for reconnaissance and vulnerability scanning
🔸 routersploit - Exploitation framework for embedded devices
🔸 Vulnreport - Open-source pentesting management and automation platform by Salesforce Product Security
🔸 SUDO_KILLER - Tool to identify and exploit misconfigurations and vulnerabilities in sudo rules
🔸 Osmedeus - Fully automated offensive security tool for reconnaissance and vulnerability scanning
🔸 OWASP Threat Dragon - Tool for creating threat model diagrams and recording possible threats
🔸 p0f - Tool to identify the parties behind any incidental TCP/IP communication
K8s Security 📦
🔸 kubectl-who-can - A kubectl plugin that shows which identities have permission to perform a given set of actions on a given set of resources
🔸 KubiScan: Scans a Kubernetes cluster for risky permissions
🔸 k8numerator: A script for enumerating services in a Kubernetes cluster using a dictionary of common services
🔸 kubetap: A kubectl plugin that makes it easy to interactively proxy Kubernetes Services
🔸 k8s-security-dashboard: A security monitoring solution for Kubernetes
🔸 [Link]: A collection of best practices and tools for Kubernetes RBAC
🔸 kube-linter: A static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications they represent adhere to best practices
🔸 kubescape: The first open-source tool for testing whether Kubernetes is deployed securely according to multiple frameworks, including regulatory requirements, customized company policies, DevSecOps best practices, NSA-CISA guidance and MITRE ATT&CK®
🔸 krane: A Kubernetes RBAC static analysis and visualization tool
🔸 kics: Finds security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of infrastructure-as-code (IaC)
AWS IAM 📜
🔸 aws-iam-authenticator: A tool that uses AWS IAM credentials to authenticate to a Kubernetes cluster
🔸 awsprocesscreds: A process credential provider for AWS SDKs and tools
🔸 aws-missing-tools: Tools for managing AWS resources including EC2, EBS, RDS, IAM, CloudFormation and Route53
🔸 iamy: A CLI tool for importing and exporting AWS IAM configuration to YAML files
🔸 iam-policy-json-to-terraform: A small tool for converting an IAM policy in JSON format into a Terraform aws_iam_policy_document
🔸 awsdigger: An AWS IAM resources search tool
🔸 aws_assume_roles: Tools for working with AWS IAM role assumption
🔸 go-aws-mfa: Refreshes an MFA token for an AWS IAM account (using STS)
🔸 terraform-aws-iam-sleuth: A Lambda-based auditing tool for AWS access keys
🔸 aws-iam-user-tool: A command line tool to create AWS IAM users, set permissions, and send the new user a welcome email with all necessary login and usage information
🔸 assert-aws-iam-permissions: A tool for verifying that AWS IAM policies grant the expected permissions
Network (DNS/HTTP) 📡
🔸 amass - Tool that obtains subdomain names by scraping data sources, crawling web archives, and more
🔸 knock - Tool to enumerate subdomains of a target domain using a wordlist
🔸 grimd - Fast DNS proxy, built to black-hole internet advertisements and malware servers
🔸 dnsperf - DNS performance testing tools
🔸 gobench - HTTP/HTTPS load testing and benchmarking tool
🔸 ab - Single-threaded command line tool for measuring the performance of HTTP web servers
🔸 wrk - Modern HTTP benchmarking tool capable of generating significant load
🔸 boom - Script you can use to quickly smoke-test your web app deployment
🔸 HTTPie - A user-friendly HTTP client
🔸 SlowHTTPTest - Tool that simulates some application layer denial of service attacks by prolonging HTTP connections
🔸 ssllabs-scan - Command-line reference-implementation client for the SSL Labs APIs
Threat Intelligence 📵
🔸 threat_note - A modest web application built by Defense Point Security that lets security researchers add and retrieve indicators related to their research
🔸 Threat Bus - A threat intelligence dissemination layer that connects security tools through a distributed publish/subscribe message broker
🔸 ThreatIngestor - An extendable tool for extracting and aggregating IOCs from threat feeds, including Twitter, RSS feeds, and other sources
🔸 MLSec Combine - Gathers and combines multiple threat intelligence feed sources into one customizable, standardized CSV-based format
🔸 YARA Rules - A project covering the need of IT security researchers for a single repository where different YARA signatures are compiled, classified, and kept as up to date as possible
🔸 Hunting ELK (HELK) - An all-in-one free software threat hunting stack based on Elasticsearch, Logstash, Kafka, and Kibana, with various built-in integrations for analytics including Jupyter Notebook
🔸 PSHunt - A PowerShell module for scanning remote endpoints for indicators of compromise, or surveying them for more comprehensive information about the state of those systems
🔸 Real Intelligence Threat Analysis (RITA) - An open-source framework for network traffic analysis that ingests Zeek logs and detects beaconing, DNS tunneling, and more
🔸 TheHive - A scalable, free Security Incident Response Platform designed to make life easier for SOCs, CSIRTs, and CERTs, featuring tight integration with MISP
🔸 RedHunt OS - An Ubuntu-based Open Virtual Appliance (.ova) preconfigured with several threat emulation tools as well as a defender's toolkit
Incident Response 🚩
🔸 CimSweep - A suite of CIM/WMI-based tools enabling remote incident response and hunting operations across all versions of Windows
🔸 MozDef - Automates the security incident handling process and facilitates the real-time activities of incident handlers
🔸 GRR Rapid Response - An incident response framework focused on remote live forensics, consisting of a Python agent installed on assets and Python-based server infrastructure that lets security analysts quickly triage attacks and perform analysis remotely
🔸 Fast Incident Response (FIR) - A cybersecurity incident management platform allowing easy creation, tracking, and reporting of cybersecurity incidents
🔸 CIRTKit - A scriptable Digital Forensics and Incident Response (DFIR) toolkit built on Viper
🔸 Cyphon - Designed to take the pain out of incident management by streamlining a multitude of related tasks through a single platform. It receives, processes and triages events to provide an all-encompassing solution for your analytic workflow: aggregating data, bundling and prioritizing alerts, and empowering analysts to investigate and document incidents
🔸 Sandia Cyber Omni Tracker (SCOT) - An incident response collaboration and knowledge capture tool focused on flexibility and ease of use
🔸 DFIRTrack - An incident response tracking application that handles one or more incidents via cases and tasks, with many affected systems and artifacts
🔸 RTIR - Request Tracker for Incident Response (RTIR), an open-source incident handling system targeted at computer security teams
🔸 UAC - Unix-like Artifacts Collector, a live response collection tool for incident response that uses built-in tools to automate the collection of artifacts from Unix-like systems. Supported systems include AIX, FreeBSD, Linux, macOS, NetBSD, NetScaler, OpenBSD and Solaris
DevSecOps 🔱
🔸 DevSec Hardening Framework - Security + DevOps: automatic server hardening
🔸 StackStorm/st2: Also called "IFTTT for Ops", an event-driven automation platform for auto-remediation, security responses, troubleshooting, deployments, and more. Includes a rules engine, workflows, and 160 integration packs with 6000+ actions
🔸 Lynis: A robust, battle-tested security tool for systems running Linux, macOS, or other Unix-based operating systems, designed to perform an extensive health scan of your systems to support system hardening and compliance testing
🔸 huskyCI: Performs security tests inside your CI
🔸 Gauntlt: Provides hooks to a variety of security tools and puts them within reach of security, dev, and ops teams so they can collaborate to build rugged software
🔸 Snyk: Finds and automatically fixes vulnerabilities in your code, open-source dependencies, containers, and infrastructure as code
🔸 JFrog Xray - Developed by JFrog; security and compliance analysis for artifacts stored in JFrog Artifactory
🔸 Renovate - From its parent company WhiteSource; automatically monitors and updates software dependencies for multiple frameworks and languages via a CLI or Git repository apps
🔸 Zed Attack Proxy (ZAP) - Created by OWASP; an open-source web application vulnerability scanner, including an API for CI/CD integration
🔸 Anchore Engine - Developed by Anchore, Inc; performs deep inspection of Docker images for CVEs and checks them against custom policies
Risk Assessment ✅
🔸 OWASP/RiskAssessmentFramework: An all-in-one secure coding framework
🔸 cyber-test-lab: A quantitative binary risk assessment tool
🔸 CYBERGATES/Assessment: An information systems security assessment library
🔸 MonarcAppFO: MONARC, the Method for an Optimised aNAlysis of Risks, by @CASES-LU [Link]
🔸 GovReady/compliancelib-python: A machine-readable cybersecurity compliance standards library for Python, starting with FISMA and the NIST Risk Management Framework
🔸 attack-control-framework-mappings: Security control framework mappings to MITRE ATT&CK, a critically valuable resource that lets organizations assess their security control coverage against real-world threats and integrate ATT&CK-based threat information into the risk management process
🔸 Malware_Discovery_ML: Malware discovery using selected algorithms such as K-Nearest Neighbors, Decision Tree or Naive Bayes
🔸 LROSecurity: An introductory guide for low-risk organizations interested in improving their cybersecurity practices
🔸 QRALib: A Quantitative Risk Analysis in Cybersecurity Library (QRALib)
🔸 AttackSurfaceManagement: Easily discovers the attack surface: IPs, domain names, open ports, HTTP headers, etc.
Frameworks and Standards 📛
🔸 NIST-CSF: NIST Cybersecurity Framework management tool
🔸 cytrone: CyTrONE, an integrated cybersecurity training framework
🔸 NIST-to-Tech: An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
🔸 0xsp-Mongoose: A framework for cybersecurity simulation and red teaming operations, Windows auditing for newer vulnerabilities, misconfigurations and privilege escalation attacks, replicating the tactics and techniques of an advanced adversary in a network
🔸 Labtainers: A Docker-based cyber lab framework
🔸 flare: An analytical framework for network traffic and behavioral analytics
🔸 Lockdoor-Framework: A penetration testing framework with cyber security resources
🔸 Python-Honeypot: OWASP Honeypot, an automated deception framework
🔸 XSScope: One of the most powerful and advanced GUI frameworks for modern browser exploitation via XSS
🔸 malsub: A Python RESTful API framework for online malware analysis and threat intelligence services
Secrets Management 🚫
🔸 hashicorp/vault: A tool for secrets management, encryption as a service, and privileged access management
🔸 StackExchange/blackbox: Safely store secrets in Git/Mercurial/Subversion
🔸 fugue/credstash: A little utility for managing credentials in the cloud
🔸 awslabs/git-secrets: Prevents you from committing secrets and credentials into Git repositories
🔸 mozilla/sops: A simple and flexible tool for managing secrets
🔸 elasticdog/transcrypt: A runtime secrets management solution for ECS using Task IAM Roles
🔸 bitnami-labs/sealed-secrets: A Kubernetes controller and tool for one-way encrypted Secrets
🔸 cyberark/conjur: Automatically secures secrets used by privileged users and machine identities
🔸 kubernetes-external-secrets: Integrates external secret management systems with Kubernetes
🔸 square/keywhiz: A system for distributing and managing secrets
Cheat Sheets 🔰
🔸 0xsp | red team cheatsheet - Curated set of cheat sheets and techniques that can be applied to various red team operations
🔸 Periodic Table of DevOps Tools - Developed by XebiaLabs; a collection of DevSecOps tooling categorized by tool functionality
🔸 DevSecOps-Toolchain: A mind map of tools that can be used across the DevSecOps pipeline
🔸 Cloud Security and DevSecOps Best Practices and Securing Web Application Technologies (SWAT) Checklist - SANS - A poster containing the Securing Web Application Technologies (SWAT) Checklist, SANS Cloud Security Curriculum, Cloud Security Top 10, Top 12 Kubernetes Threats, and Secure DevOps Toolchain
🔸 tevers200/cyber-security-cheatsheets: Cheat sheets to help with common security/pentesting tasks
🔸 cheatsheet-kubernetes-A4 - Kubernetes cheat sheets in A4
🔸 PENTESTING-BIBLE - Hacking, penetration testing, red team and cyber security resources
🔸 quick-SQL-cheatsheet - A quick reminder of all SQL queries and examples of how to use them
🔸 Kali Linux Cheat Sheet - A quick guide to Kali Linux commands and their usage
🔸 Shodan Query Filters - A comprehensive list of all Shodan filters
🔸 Nmap Cheat Sheet - A set of Nmap's scripts and their functions
🔸 Google Hacking and Defense Cheat Sheet - A quick reference covering all Google operators and their functions, with examples
🔸 Creating a strong cybersecurity assessment report - This cheat sheet offers advice for creating a strong report as part of your penetration test, vulnerability assessment, or information security audit
🔸 Hacking Cheat Sheet - The author's hacking and pentesting notes
Bug Bounty Platforms 💸
🔸 Openbugbounty - Allows any security researcher to report a vulnerability on any website
🔸 Hacktrophy - Bug bounty platform
🔸 bugcrowd - Crowdsourced cybersecurity for the enterprise
🔸 Synack - Crowdsourced security and bug bounty programs, crowd security intelligence platform, and more
🔸 YesWeHack - Bug bounty platform with infosec jobs
🔸 hackerone - Global hacker community to surface the most relevant security issues
Practice Labs 🔬
🔸 Practical Pentest Labs - A pentest lab to take your hacking skills to the next level
🔸 [Link] - A wargame site for hackers to test and expand their binary exploitation skills
🔸 Silesia Security Lab - High quality security testing services
🔸 PentesterLab - Provides vulnerable systems that can be used to test and understand vulnerabilities
🔸 Cryptohack - A fun platform for learning modern cryptography
🔸 Ubeeri - Preconfigured lab environments
🔸 Attack & Defense - A browser-based cloud lab
Other Resources 📚
🔸 CyberSecurity-Books: A repository of eBooks on cybersecurity
🔸 post-mortems - Collection of postmortems (config errors, hardware failures, and more)
🔸 Pentests MindMap - Amazing mind map of vulnerable apps and systems
🔸 Bugcrowd University - Open-source education content for the researcher community
🔸 Hacking-Security-Ebooks - Top 100 hacking and security e-books
🔸 HackingNeuralNetworks - A small course on exploiting and defending neural networks
🔸 reverseengineering-reading-list - A list of reverse engineering articles, books, and papers
🔸 HolyTips - Tips and tutorials on bug bounty hunting and web app security
🔸 Movies for Hackers - List of movies every hacker and cyberpunk must watch
👉 If you aren't part of the SecPro community, you might be missing out on tons of actionable bite-sized cybersecurity tutorials, trending attacks and analysis of vulnerabilities, and more! Join SecPro today!