Pentest environment deployer (kali linux + targets) using vagrant and chef.

Pentesting lab with a Kali Linux instance accessible via ssh & wireguard VPN and with vulnerable instances in a private subnet

This repository is a curated resource for aspiring bug hunters, offering hands-on labs, tools, and structured guidance to support your learning and practical development in the field of ethical hacking and vulnerability research.

A python tool(automation) for automatically finding SSH servers on the network and adding them to the botnet for mass administration and control.

I designed and implemented a multi-platform cybersecurity homelab to simulate real-world Enterprise environments for practicing penetration testing, Network defense, and Active Directory management. I am building this homelab to stimulate both Offensive and Defensive Security

Metasploit v 5

Ethical Hacking Workshop

Python exploit for vsftpd 2.3.4 - Backdoor Command Execution

This repository is a comprehensive reference guide for commonly used penetration testing tools. It includes detailed commands, explanations, & practical usage examples for tools such as Nmap for network scanning and firewall evasion, Hydra for brute force attacks on services, JohntheRipper for password and hash cracking, and SEToolkit for phising

En este repositorio haré una breve explicación de como montar un entorno de trabajo con Kali y Metasploiable2 , en dos máquinas virtualizadas mediante VirtualBox. También explico a modo de practica como realizar un ataque DDoS y como introducir un backdoor en el servicio sftp, por el puerto 21.

this script is what seems to be a discord token gen that checks the tokens as it gens but you would be wrong because it is really a token logger with a python meterpreter payload inside so you can use this with metasploit to infect somones device and steal there token

💻 Step-by-step guide to install and run Metasploitable 2 on Mac with Apple Silicon (M1/M2/M3) using UTM — ideal for ethical hacking labs, penetration testing practice, and cybersecurity students.

A series of detailed vulnerability assessments and PoCs on Metasploitable2, aimed at demonstrating a systematic approach to identifying and mitigating security vulnerabilities for educational purposes.

Este Proyecto es para realizar pruebas de laboratorio en la mayoría de los entornos linux sin la necesidad de tener las herramientas instaladas de forma native el unico requerimiento es que se tenga docker y docker-compose instalado el el hosts

Install and fix metasploit problems on termux

Hands-on exploitation of the VSFTPD 2.3.4 backdoor vulnerability using Metasploit to gain shell access, create users, modify logs, and attempt privilege escalation in a secure lab environment.

objective of this assessment is to perform an internal network penetration test on the specified Personal network. The task requires following a comprehensive and systematic approach to achieve the desired outcomes. This test aims to simulate a real-world penetration test within the provided testing environment.

Metasploitable 2 vulnerability assessment: Nmap/Nikto/SMB/MySQL tests, evidence, and remediation recommendations.

Software Security Milestone 2 project

Educational pentesting lab – Red Team exercises with Kali Linux, Metasploitable2, Nessus, Burp Suit, Wireshark, tcpdump, Nmap, Metasploit Framework, SET, Hydra, sqlmap, aircrack-ng and vulnerable apps. Step-by-step reports, commands, and captures.

This homelab project sets up a vulnerability scanning system using OpenVAS on Kali Linux with Metasploitable 2 VM as the scan target. It’s optimized for low-resource environments, ideal for single-laptop homelabs and virtual setups.

A CTF for beginners

Pentesting project to attack a Metasploitable VM using Metasploit and find 5 different vulnerabilities, 3 of them detected by the IDS Snort and 2 of them not. Attack exploits on services like ProFTPD, CUPS, Drupal, and Apache are explored, alongside discussions on IDS effectiveness.

A comprehensive 60-day Cybersecurity Internship roadmap at ApexPlanet. This repository documents hands-on labs including network isolation, traffic analysis with Wireshark, Network Security & Scanning and security documentation.

Black-box network penetration testing project using tools like Nmap, Nessus, Metasploit & Burp Suite. Includes CVSS-based risk assessment & remediation roadmap.

This is the instruction on how to download the metasploitable3 successfully

A comprehensive penetration testing report detailing 46 security vulnerabilities discovered during a full-scope assessment of a Metasploitable2 lab environment. Findings include Network Services, Web Applications, Privilege Escalation, and Enumeration vulnerabilities.

Nessus vulnerability scanning lab - credentialed scans and finding analysis

A simulated Security Operations Center (SOC) lab built with VirtualBox. This repository documents full kill-chain cyber attacks, Suricata NIDS detection validation, and a custom Python-based SOAR implementation that interacts with the Elasticsearch API to automate firewall containment.

VirtualBox networking, Nessus Essentials setup, target VM Metasploitable