ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (+53.57%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+655.36%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-60.71%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+491.07%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (+125%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+623.21%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (+101.79%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+244.64%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+898.21%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1928.57%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+2130.36%)
dorothyDorothy is a tool to test security monitoring and detection for Okta environments
Stars: ✭ 85 (+51.79%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+1283.93%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (+414.29%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (+25%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+7332.14%)
Adversarial Robustness ToolboxAdversarial Robustness Toolbox (ART) - Python Library for Machine Learning Security - Evasion, Poisoning, Extraction, Inference - Red and Blue Teams
Stars: ✭ 2,638 (+4610.71%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (+83.93%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+9926.79%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+866.07%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-21.43%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (+1128.57%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+4810.71%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (+167.86%)
Physmem2profitPhysmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Stars: ✭ 244 (+335.71%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (+91.07%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (+1194.64%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+1387.5%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+560.71%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (+51.79%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (+7.14%)
avainA Modular Framework for the Automated Vulnerability Analysis in IP-based Networks
Stars: ✭ 56 (+0%)
WatchADAD Security Intrusion Detection System
Stars: ✭ 967 (+1626.79%)
anti-honeypot一款可以检测WEB蜜罐并阻断请求的Chrome插件,能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api
Stars: ✭ 38 (-32.14%)
Raven-StormRaven-Storm is a powerful DDoS toolkit for penetration tests, including attacks for several protocols written in python. Takedown many connections using several exotic and classic protocols.
Stars: ✭ 235 (+319.64%)
quick-recon.pyDo some quick reconnaissance on a domain-based web-application
Stars: ✭ 13 (-76.79%)
lsrootkitRootkit Detector for UNIX
Stars: ✭ 53 (-5.36%)
superhideExample of hooking a linux systemcall
Stars: ✭ 48 (-14.29%)
CTF-WriteupsRepository of my CTF writeups
Stars: ✭ 25 (-55.36%)
VindicateToolLLMNR/NBNS/mDNS Spoofing Detection Toolkit
Stars: ✭ 40 (-28.57%)
offensive-docker-vpsCreate a VPS on Google Cloud Platform or Digital Ocean easily with Offensive Docker included to launch assessment to the targets.
Stars: ✭ 66 (+17.86%)
EvilUSBQuick utility to craft executables for pentesting and managing reverse shells
Stars: ✭ 33 (-41.07%)
RT-CyberShieldProtecting Red Team infrastructure with cyber shield blocking AWS/AZURE/IBM/Digital Ocean/TOR/AV IP/ETC. ranges
Stars: ✭ 34 (-39.29%)
paradoxiaRATParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 583 (+941.07%)
LiquidSnakeLiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
Stars: ✭ 266 (+375%)
FacebookBugFacebook Write-ups, PoC, and exploitation codes:
Stars: ✭ 28 (-50%)
rkorovald_preload userland rootkit
Stars: ✭ 34 (-39.29%)
ycsmThis is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
Stars: ✭ 73 (+30.36%)
vulnerabilitiesList of every possible vulnerabilities in computer security.
Stars: ✭ 14 (-75%)
SharpUnhookerC# Based Universal API Unhooker
Stars: ✭ 255 (+355.36%)
raisinReverse shell and rootkit
Stars: ✭ 18 (-67.86%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-35.71%)
SMM-RootkitSMM rootkit similar to LoJax or MosaicRegressor
Stars: ✭ 44 (-21.43%)
InMemoryNETExploring in-memory execution of .NET
Stars: ✭ 55 (-1.79%)
wifi-deautherA fully automatic wifi deauther coded in Python
Stars: ✭ 25 (-55.36%)
ElliotA pentesting tool inspired by mr robot and derived by zphisher
Stars: ✭ 23 (-58.93%)