497 Open source projects that are alternatives of or similar to dummyDLL

Monitoring your Slack workspaces for sensitive information

Monitoring GitHub for sensitive data shared publicly

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Monitoring GitLab for sensitive data shared publicly

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Search for Unix binaries that can be exploited to bypass system security restrictions.

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

A PowerShell module to deploy active directory decoy objects.

C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.

Purple Team Exercise Framework

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

The goal of this repository is to document the most common techniques to bypass AppLocker.

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Test Blue Team detections without running any attack.

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

You didn't think I'd go and leave the blue team out, right?

One stop place for exploiting Jira instances in your proximity

A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. 👻🐚

bXSS is a utility which can be used by bug hunters and organizations to identify Blind Cross-Site Scripting.

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

A collection of awesome security hardening guides, tools and other resources

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

一款适用于红蓝对抗中的仿真钓鱼系统

This repository contains full code examples from the book Gray Hat C#

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

A Golang Reverse Shell w/ a Tmux-driven psuedo-C2 Interface

A collection of electronic hacker magazines carefully curated over the years from multiple sources

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

E-mails, subdomains and names Harvester - OSINT

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

Webshell Manager

Credsleaker allows an attacker to craft a highly convincing credentials prompt using Windows Security, validate it against the DC and in turn leak it via an HTTP request.

One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

LinkedinScraper is an another information gathering tool written in python. You can scrape employees of companies on Linkedin.com and then create these employee names, titles and emails.

Designed to be installed on a fresh install of raspbian on a raspberry pi, by combining Respounder (Responder detection) and Artillery (port and service spoofing) for network deception, this tool allows you to detect an attacker on the network quickly by weeding out general noisy alerts with only those that matter.

Awesome cloud enumerator

🌒 Shell command obfuscation to avoid detection systems

Bloodhound for Blue and Purple Teams

Hershell is a simple TCP reverse shell written in Go.

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

Active Directory ACL Visualizer and Explorer - who's really Domain Admin?

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Find cloud assets that no one wants exposed 🔎 ☁️

Blue Team detection lab created with Terraform and Ansible in Azure.

make visual studio code portable with dll-hijack

Pentest: Subdomains enumeration tool for penetration testers.

Backend logic implementation for Vulnerability Management System

InfoPath Phishing Repo Resource

Turn your VPS into an attack box

PyIris is a modular remote access trojan toolkit written in python targeting Windows and Linux systems.