MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-90.31%)
GtfoblookupOffline command line lookup utility for GTFOBins (https://github.com/GTFOBins/GTFOBins.github.io) and LOLBAS (https://github.com/LOLBAS-Project/LOLBAS)
Stars: ✭ 123 (-84.91%)
PwnedPasswordsCheckerSearch (offline) if your password (NTLM or SHA1 format) has been leaked (HIBP passwords list v8)
Stars: ✭ 52 (-93.62%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+84.79%)
AggressiveproxyProject to enumerate proxy configurations and generate shellcode from CobaltStrike
Stars: ✭ 109 (-86.63%)
uberduckyWireless USB Rubber Ducky triggered via BLE (make your Ubertooth quack!)
Stars: ✭ 80 (-90.18%)
MalwarepersistencescriptsA collection of scripts I've written to help red and blue teams with malware persistence techniques.
Stars: ✭ 103 (-87.36%)
SLibSLib is a sandbox evasion library that implements some of the checks from https://evasions.checkpoint.com in C#
Stars: ✭ 50 (-93.87%)
BettercapThe Swiss Army knife for 802.11, BLE, IPv4 and IPv6 networks reconnaissance and MITM attacks.
Stars: ✭ 10,735 (+1217.18%)
NtlmreconEnumerate information from NTLM authentication enabled web endpoints 🔎
Stars: ✭ 252 (-69.08%)
WsmanagerWebshell Manager
Stars: ✭ 99 (-87.85%)
sylas根据多个不同地区进行聚合查询以获取更多 fofa 数据
Stars: ✭ 25 (-96.93%)
DeepseaDeepSea Phishing Gear
Stars: ✭ 96 (-88.22%)
I See YouISeeYou is a Bash and Javascript tool to find the exact location of the users during social engineering or phishing engagements. Using exact location coordinates an attacker can perform preliminary reconnaissance which will help them in performing further targeted attacks.
Stars: ✭ 246 (-69.82%)
WinpwnAutomation for internal Windows Penetrationtest / AD-Security
Stars: ✭ 1,303 (+59.88%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-95.71%)
Atomic Red Team Intelligence C2ARTi-C2 is a post-exploitation framework used to execute Atomic Red Team test cases with rapid payload deployment and execution capabilities via .NET's DLR.
Stars: ✭ 87 (-89.33%)
Cobalt ArsenalMy collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
Stars: ✭ 230 (-71.78%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-89.57%)
nTimetoolsTimestomper and Timestamp checker with nanosecond accuracy for NTFS volumes
Stars: ✭ 25 (-96.93%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+50.67%)
MalwlessTest Blue Team detections without running any attack.
Stars: ✭ 215 (-73.62%)
Ldap searchPython3 script to perform LDAP queries and enumerate users, groups, and computers from Windows Domains. Ldap_Search can also perform brute force/password spraying to identify valid accounts via LDAP.
Stars: ✭ 78 (-90.43%)
ligolo-ngAn advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
Stars: ✭ 418 (-48.71%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+45.52%)
DoxycannonA poorman's proxycannon and botnet, using docker, ovpn files, and a dante socks5 proxy
Stars: ✭ 216 (-73.5%)
GirshAutomatically spawn a reverse shell fully interactive for Linux or Windows victim
Stars: ✭ 66 (-91.9%)
volana🌒 Shell command obfuscation to avoid detection systems
Stars: ✭ 38 (-95.34%)
Awesome Cobaltstrikecobaltstrike的相关资源汇总 / List of Awesome CobaltStrike Resources
Stars: ✭ 1,157 (+41.96%)
Fudgec2FudgeC2 - a command and control framework designed for team collaboration and post-exploitation activities.
Stars: ✭ 191 (-76.56%)
Macro packmacro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
Stars: ✭ 1,072 (+31.53%)
BackdorosbackdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.
Stars: ✭ 50 (-93.87%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-79.02%)
fofaxfofax is a command line query tool based on the API of https://fofa.info/, simple is the best!
Stars: ✭ 479 (-41.23%)
PwndropSelf-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
Stars: ✭ 878 (+7.73%)
Community ThreatsThe GitHub of Adversary Emulation Plans in JSON. Share SCYTHE threats with the community. #ThreatThursday adversary emulation plans are shared here.
Stars: ✭ 169 (-79.26%)
Attack ToolsUtilities for MITRE™ ATT&CK
Stars: ✭ 810 (-0.61%)
atermIt records your terminal, then lets you upload to ASHIRT
Stars: ✭ 17 (-97.91%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (-5.15%)
AboutsecurityA list of payload and bypass lists for penetration testing and red team infrastructure build.
Stars: ✭ 166 (-79.63%)
Poshc2A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.
Stars: ✭ 747 (-8.34%)
meteorA cross-platform C2/teamserver supporting multiple transport protocols, written in Go.
Stars: ✭ 31 (-96.2%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-11.04%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-79.88%)
PezorOpen-Source PE Packer
Stars: ✭ 561 (-31.17%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-92.52%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+629.2%)
Invoke ApexA PowerShell-based toolkit and framework consisting of a collection of techniques and tradecraft for use in red team, post-exploitation, adversary simulation, or other offensive security tasks.
Stars: ✭ 162 (-80.12%)
Sherlock🔎 Hunt down social media accounts by username across social networks
Stars: ✭ 28,569 (+3405.4%)
JiraffeOne stop place for exploiting Jira instances in your proximity
Stars: ✭ 157 (-80.74%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-80.49%)
RedBook基于Threathunting-book基础上完善的狩猎视角红队handbook
Stars: ✭ 56 (-93.13%)
adduser-dllSimple DLL that add a user to the local Administrators group
Stars: ✭ 48 (-94.11%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+355.83%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-92.64%)
ReconnessReconNess is a platform to allow continuous recon (CR) where you can set up a pipeline of #recon tools (Agents) and trigger it base on schedule or events.
Stars: ✭ 131 (-83.93%)