SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-94.72%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-6.96%)
Physmem2profitPhysmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Stars: ✭ 244 (-70.71%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (-17.41%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (-32.89%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (-84.87%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-60.26%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+574.07%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (-76.83%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-91.6%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-55.58%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+49.94%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (-81.99%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (-87.64%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+36.37%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-89.68%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-51.38%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-35.05%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (-89.8%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+230.13%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (-86.43%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-97.36%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (-65.43%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+399.64%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-49.22%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+726.17%)
DragonflyDragonfly is an intelligent P2P based image and file distribution system.
Stars: ✭ 5,720 (+586.67%)
GoscanInteractive Network Scanner
Stars: ✭ 795 (-4.56%)
SpoilerwallSpoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports!
Stars: ✭ 754 (-9.48%)
Security whitepapersCollection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi
Stars: ✭ 644 (-22.69%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (-23.65%)
HabuHacking Toolkit
Stars: ✭ 635 (-23.77%)
Registry CliScripts for easy manipulation of docker-registry from command line (and from scripts)
Stars: ✭ 609 (-26.89%)
React Native Full Example第一个完整的react-native项目。包括服务端和移动端两部分。服务端使用express+bootstrap进行搭建,主要功能有登录、退出、模块选择、查看、修改、删除、分页等后台管理的基本功能;移动端主要用到组件View、Text、Image、ScrollView、ListView等常用的组件,也使用了第三方的地图服务(高德地图),作为初学者。是一个很好的学习案例。
Stars: ✭ 809 (-2.88%)
PrivescA collection of Windows, Linux and MySQL privilege escalation scripts and exploits.
Stars: ✭ 786 (-5.64%)
DistributionThe toolkit to pack, ship, store, and deliver container content
Stars: ✭ 6,445 (+673.71%)
SuboverA Powerful Subdomain Takeover Tool
Stars: ✭ 607 (-27.13%)
XsserCross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
Stars: ✭ 606 (-27.25%)
DiamorphineLKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)
Stars: ✭ 725 (-12.97%)
HashviewA web front-end for password cracking and analytics
Stars: ✭ 601 (-27.85%)
Node ConfigNode.js Application Configuration
Stars: ✭ 5,423 (+551.02%)
PupyPupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python
Stars: ✭ 6,737 (+708.76%)
ExploitpackExploit Pack -The next generation exploit framework
Stars: ✭ 728 (-12.61%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (-33.25%)
Linuxprivcheckerlinuxprivchecker.py -- a Linux Privilege Escalation Check Script
Stars: ✭ 715 (-14.17%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+613.45%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+994.36%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (-3.72%)
DawsAdvanced Web Shell
Stars: ✭ 551 (-33.85%)
DiunReceive notifications when an image is updated on a Docker registry
Stars: ✭ 704 (-15.49%)
AwspxA graph-based tool for visualizing effective access and resource relationships in AWS environments.
Stars: ✭ 546 (-34.45%)
CansinaWeb Content Discovery Tool
Stars: ✭ 709 (-14.89%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-34.69%)
PerunPerun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架
Stars: ✭ 773 (-7.2%)