Gtfobins.github.ioGTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Stars: ✭ 6,030 (+1151.04%)
BlueTeam.LabBlue Team detection lab created with Terraform and Ansible in Azure.
Stars: ✭ 82 (-82.99%)
SecureStoreA .NET implementation of the cross-platform SecureStore (symmetrically-encrypted secrets) protocol
Stars: ✭ 62 (-87.14%)
KeywhizA system for distributing and managing secrets
Stars: ✭ 2,452 (+408.71%)
Wadcoms.github.ioWADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.
Stars: ✭ 431 (-10.58%)
Hacker ezinesA collection of electronic hacker magazines carefully curated over the years from multiple sources
Stars: ✭ 72 (-85.06%)
ConjurCyberArk Conjur automatically secures secrets used by privileged users and machine identities
Stars: ✭ 441 (-8.51%)
Remote Desktop CachingThis tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
Stars: ✭ 171 (-64.52%)
1earnffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 3,715 (+670.75%)
cliThe official CLI for interacting with your Doppler secrets and configuration.
Stars: ✭ 96 (-80.08%)
SecretaryDEPRECATED Secrets management for dynamic environments
Stars: ✭ 93 (-80.71%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 3,810 (+690.46%)
Helm SecretsSuccessor of zendesk/helm-secrets - A helm plugin that help manage secrets with Git workflow and store them anywhere
Stars: ✭ 165 (-65.77%)
SnoopSnoop — инструмент разведки на основе открытых данных (OSINT world)
Stars: ✭ 886 (+83.82%)
SlackpirateSlack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace
Stars: ✭ 512 (+6.22%)
Gitlab WatchmanMonitoring GitLab for sensitive data shared publicly
Stars: ✭ 127 (-73.65%)
Slack WatchmanMonitoring your Slack workspaces for sensitive information
Stars: ✭ 159 (-67.01%)
StrongboxA secret manager for AWS
Stars: ✭ 243 (-49.59%)
MalwarepersistencescriptsA collection of scripts I've written to help red and blue teams with malware persistence techniques.
Stars: ✭ 103 (-78.63%)
tellerCloud native secrets management for developers - never leave your command line for secrets.
Stars: ✭ 998 (+107.05%)
envkey-nodeEnvKey's official Node.js client library
Stars: ✭ 46 (-90.46%)
thycotic.secretserverPowerShell module for automating with Thycotic Secret Server REST API
Stars: ✭ 41 (-91.49%)
envkeygoEnvKey's official Go client library
Stars: ✭ 36 (-92.53%)
gtfoSearch for Unix binaries that can be exploited to bypass system security restrictions.
Stars: ✭ 88 (-81.74%)
Envkey AppSecure, human-friendly, cross-platform secrets and config.
Stars: ✭ 83 (-82.78%)
CryptrCryptr: a GUI for Hashicorp's Vault
Stars: ✭ 324 (-32.78%)
SecretserverSecret Server PowerShell Module
Stars: ✭ 82 (-82.99%)
Hashicorp Vault PluginJenkins plugin to populate environment variables from secrets stored in HashiCorp's Vault.
Stars: ✭ 191 (-60.37%)
Helm SecretsDEPRECATED A helm plugin that help manage secrets with Git workflow and store them anywhere
Stars: ✭ 1,129 (+134.23%)
1earn个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup
Stars: ✭ 776 (+61%)
TheharvesterE-mails, subdomains and names Harvester - OSINT
Stars: ✭ 6,175 (+1181.12%)
UltimateapplockerbypasslistThe goal of this repository is to document the most common techniques to bypass AppLocker.
Stars: ✭ 1,186 (+146.06%)
LolbasLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
Stars: ✭ 1,506 (+212.45%)
Deploy DeceptionA PowerShell module to deploy active directory decoy objects.
Stars: ✭ 109 (-77.39%)
PasscatPasswords Recovery Tool
Stars: ✭ 164 (-65.98%)
Information Security TasksThis repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions
Stars: ✭ 108 (-77.59%)
MalwlessTest Blue Team detections without running any attack.
Stars: ✭ 215 (-55.39%)
CypherothAutomated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.
Stars: ✭ 179 (-62.86%)
github-watchmanMonitoring GitHub for sensitive data shared publicly
Stars: ✭ 60 (-87.55%)
MicrosoftWontFixListA list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
Stars: ✭ 854 (+77.18%)
MurMurHashThis little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.
Stars: ✭ 79 (-83.61%)
dummyDLLUtility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.
Stars: ✭ 35 (-92.74%)
actionsLoad secrets into GitHub Actions
Stars: ✭ 47 (-90.25%)
secrets cliCLI for storing and reading your secrets via vault
Stars: ✭ 24 (-95.02%)
envkey-pythonEnvKey's python library. Protect API keys and credentials. Keep configuration in sync.
Stars: ✭ 24 (-95.02%)
k8s-vault-webhookA k8s vault webhook is a Kubernetes webhook that can inject secrets into Kubernetes resources by connecting to multiple secret managers
Stars: ✭ 107 (-77.8%)
NIST-to-TechAn open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)
Stars: ✭ 61 (-87.34%)
envkey-rubyEnvKey's official Ruby client library
Stars: ✭ 24 (-95.02%)
secrets-proxy🔑 A secure proxy service for managing OneOps secrets.
Stars: ✭ 12 (-97.51%)
OSINTBookmarksOSINT Bookmarks for Firefox / Chrome / Edge / Safari
Stars: ✭ 34 (-92.95%)
goblin一款适用于红蓝对抗中的仿真钓鱼系统
Stars: ✭ 844 (+75.1%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (-37.55%)
Pidense🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)
Stars: ✭ 358 (-25.73%)
Emp3r0rlinux post-exploitation framework made by linux user
Stars: ✭ 419 (-13.07%)
Scope🔭 Scope - Create a birdeye's view of your Github project and embed on your site
Stars: ✭ 453 (-6.02%)
0xsp Mongoosea unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfigurations and privilege escalations attacks, replicate the tactics and techniques of an advanced adversary in a network.
Stars: ✭ 419 (-13.07%)