NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
GnuradioGNU Radio – the Free and Open Software Radio Ecosystem
PayloadsGit All the Payloads! A collection of web attack payloads.
CalderaAutomated Adversary Emulation Platform
OsweepDon't Just Search OSINT. Sweep It.
AutottpAutomated Tactics Techniques & Procedures
Oscp Cheat SheetThis is my OSCP cheat sheet made by combining a lot of different resources online with a little bit of tweaking. I used this cheat sheet during my exam (Fri, 13 Sep 2019) and during the labs. I can proudly say it helped me pass so I hope it can help you as well ! Good Luck and Try Harder
HostintelA modular Python application to collect intelligence for malicious hosts.
PicoctfThe platform used to run picoCTF. A great framework to host any CTF.
RichelieuList of the most common French passwords
LockphishLockphish it's the first tool (07/04/2020) for phishing attacks on the lock screen, designed to grab Windows credentials, Android PIN and iPhone Passcode using a https link.
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
NetzDiscover internet-wide misconfigurations while drinking coffee
Whoishere.pyWIFI Client Detection - Identify people by assigning a name to a device performing a wireless probe request.
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
JwtcatA CPU-based JSON Web Token (JWT) cracker and - to some extent - scanner.
CypherothAutomated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
MagicpadMagicPad is an encryption suite for beginners. It is designed to be run standalone via the browser or executable (Electron).
BbreconPython library and CLI for the Bug Bounty Recon API
CyberprobeCapturing, analysing and responding to cyber attacks
Slack WatchmanMonitoring your Slack workspaces for sensitive information
ScyllaThe Simplistic Information Gathering Engine | Find Advanced Information on a Username, Website, Phone Number, etc.
Powershell Red TeamCollection of PowerShell functions a Red Teamer may use to collect data from a machine
SharpAn anti-ARP-spoofing application software that use active and passive scanning methods to detect and remove any ARP-spoofer from the network.
Pyiris BackdoorPyIris-backdoor is a modular, stealthy and flexible remote-access-toolkit written completely in python used to command and control other systems. It is now in the beta stage, possibly perpetually. There are bugs still present in the framework, feel free to contribute or help me out with this project its still under active development >_>
Misp DashboardA dashboard for a real-time overview of threat intelligence from MISP instances
Information SecurityA place where I can create, collect and share tooling, resources and knowledge about information security.
KartonDistributed malware processing framework based on Python, Redis and MinIO.
JiffJavaScript library for building web-based applications that employ secure multi-party computation (MPC).
Visualize logsA Python library and command line tools to provide interactive log visualization.
OpenubaA robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [PRE-ALPHA]
PhishingkittrackerLet's track phishing kits to give to research community raw material to study !
Mwdb CoreMalware repository component for samples & static configuration with REST API interface.
Black WidowGUI based offensive penetration testing tool (Open Source)
Chatterinternet monitoring osint telegram bot for windows
RatelRAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus software.
Defaultcreds Cheat SheetOne place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Shodan DorksDorks for shodan.io. Some basic shodan dorks collected from publicly available data.
Attack Control Framework MappingsSecurity control framework mappings to MITRE ATT&CK provide a critically important resource for organizations to assess their security control coverage against real-world threats and provide a bridge for integrating ATT&CK-based threat information into the risk management process.
GitmonitorOne way to continuously monitor sensitive information that could be exposed on Github