PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+6602.44%)
PwndropSelf-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
Stars: ✭ 878 (+78.82%)
RedTeamOne line PS scripts that may come handy during your network assesment
Stars: ✭ 56 (-88.59%)
Bugbounty CheatsheetA list of interesting payloads, tips and tricks for bug bounty hunters.
Stars: ✭ 3,644 (+642.16%)
DiscordGoDiscord C2 for Redteam....Need a better name
Stars: ✭ 55 (-88.8%)
TtpsTactics, Techniques, and Procedures
Stars: ✭ 335 (-31.77%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+71.89%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-14.66%)
SSRF payload本脚本旨在生成各类畸形URL链接,进行探测使用的payload,尝试绕过服务端ssrf限制。
Stars: ✭ 28 (-94.3%)
BadAssMacrosBadAssMacros - C# based automated Malicous Macro Generator.
Stars: ✭ 281 (-42.77%)
BurpcryptoBurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite).
Stars: ✭ 350 (-28.72%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-82.08%)
FoureyeAV Evasion Tool For Red Team Ops
Stars: ✭ 421 (-14.26%)
ImpulsiveDLLHijackC# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
Stars: ✭ 258 (-47.45%)
PivotsuiteNetwork Pivoting Toolkit
Stars: ✭ 329 (-32.99%)
gitoopsall paths lead to clouds
Stars: ✭ 579 (+17.92%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (-8.55%)
anti-honeypot一款可以检测WEB蜜罐并阻断请求的Chrome插件,能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api
Stars: ✭ 38 (-92.26%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-38.7%)
certexfilExfiltration based on custom X509 certificates
Stars: ✭ 18 (-96.33%)
PayloadsPayload Arsenal for Pentration Tester and Bug Bounty Hunters
Stars: ✭ 421 (-14.26%)
WordlistsInfosec Wordlists
Stars: ✭ 271 (-44.81%)
fileless-elf-execExecute ELF files without dropping them on disk
Stars: ✭ 237 (-51.73%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+73.93%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (-27.7%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-12.22%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-90.22%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (-29.74%)
moonwalkCover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚
Stars: ✭ 544 (+10.79%)
Go ShellcodeLoad shellcode into a new process
Stars: ✭ 456 (-7.13%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-92.67%)
Redteam ResearchCollection of PoC and offensive techniques used by the BlackArrow Red Team
Stars: ✭ 330 (-32.79%)
AggressorScriptsA collection of Cobalt Strike aggressor scripts
Stars: ✭ 18 (-96.33%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (-14.66%)
FatherLD_PRELOAD rootkit
Stars: ✭ 59 (-87.98%)
linkedinscraperLinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.
Stars: ✭ 22 (-95.52%)
Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+1128.11%)
redpillAssist reverse tcp shells in post-exploration tasks
Stars: ✭ 142 (-71.08%)
HatVenomHatVenom is a HatSploit native powerful payload generation tool that provides support for all common platforms and architectures.
Stars: ✭ 84 (-82.89%)
A Red Teamer DiariesRedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Stars: ✭ 382 (-22.2%)
Behold3r👻Behold3r -- 收集指定网站的子域名,并可监控指定网站的子域名更新情况,发送变更报告至指定邮箱
Stars: ✭ 29 (-94.09%)
HershellHershell is a simple TCP reverse shell written in Go.
Stars: ✭ 442 (-9.98%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+675.97%)
365-Stealer365-Stealer is a phishing simualtion tool written in python3. It can be used to execute Illicit Consent Grant Attack.
Stars: ✭ 200 (-59.27%)
sherlock🔎 Find usernames across social networks
Stars: ✭ 52 (-89.41%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (-45.42%)
Repo SupervisorScan your code for security misconfiguration, search for passwords and secrets. 🔍
Stars: ✭ 482 (-1.83%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (-5.7%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (-11.41%)