Projects, manuals and guides on cybersecurity. From server hardening to penetration testing.
$ cat projects.md | grep security_
Collection of cybersecurity projects on hardening, network defense, and offensive security.
π No results. Try another filter.
Configuration of apache2.conf, security.conf and php.ini with recommended security parameters.
Exploitation and countermeasures for command injection and remote/local file inclusion vulnerabilities using OWASP Mutillidae and bWAPP.
Using SQLMap with BurpSuite to extract data from vulnerable databases on DVWA: users, passwords, and SQL shell.
Stealing credentials with Netcat, session cookie theft via XSS and defense with htmlspecialchars().
Manual UNION-based exploitation on bWAPP and unhex() bypass on DVWA medium level.
APK reverse engineering: Java extraction, smali modification and access control bypass with dex2jar and JD-GUI.
Insecure Logging, Hardcoding, insecure storage in SharedPreferences, SQLite and SQL Injection demonstrated with ADB.
APK unpacking, exported activity invocation with am start, VirusTotal/Metadefender analysis and Android permissions.
Exercises 9β13: PIN bypass, insecure Content Providers, hardcoded JNI key and buffer overflow.
SYN scan, OS/version detection, NSE vulnerability scripts, firewall evasion and result export.
Finding and using exploits, Meterpreter payloads, post-exploitation, auxiliary modules and msfvenom.
Brute force SSH, FTP, RDP, SMB and HTTP web forms. Practice on DVWA with session cookies.
Traffic capture, BPF and display filters, cleartext credential extraction and ARP spoofing detection.
Cracking MD5, SHA1, bcrypt and NTLM hashes with dictionary attacks, brute force and mutation rules.
Proxy, Repeater, Intruder and Scanner. Complete OWASP testing flow: SQLi, XSS, IDOR and brute force.
Exploitation on DVWA, PoC creation, and countermeasures: CSRF tokens, SameSite cookies and X-Frame-Options.
Automated web vulnerability scanning and discovery of hidden directories and files.
XXE payloads to read server files and SSRF, and Path Traversal exploits with filter bypass.
Step-by-step firewall configuration using iptables and firewalld to protect network infrastructure.
Vulnerability scanning tool built with Python for automated security assessments.
Deployment and configuration of Snort IDS for real-time traffic analysis and intrusion detection.
Collection of secure development guides for web applications, covering OWASP Top 10.
Framework and playbook to manage security incidents from detection to recovery.
Directory, file, subdomain and VHost discovery via dictionary attacks with Gobuster and ffuf.
Privesc techniques with LinPEAS: SUID, misconfigured sudo, cron jobs, exposed credentials and dangerous groups.
Container escapes, exposed secrets, Dockerfile hardening and image vulnerability scanning with Trivy.
Advanced Shodan searches to find exposed services, CVEs in production and misconfigured devices worldwide.
Step-by-step manuals to improve your security posture.
Contact
info@cyberescudo.comYour donation helps keep this website running and create more cybersecurity projects, manuals, and guides for the community.
β₯ Donate with PayPalAny amount is welcome βΉοΈ