ycsmThis is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
Stars: ✭ 73 (-93.74%)
paradoxiaRATParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 583 (-50%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (-66.21%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (-92.62%)
OctopusOctopus - Network Scan/Infos & Web Scan
Stars: ✭ 25 (-97.86%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (-63.72%)
linklink is a command and control framework written in rust
Stars: ✭ 345 (-70.41%)
NishangNishang - Offensive PowerShell for red team, penetration testing and offensive security.
Stars: ✭ 5,943 (+409.69%)
InMemoryNETExploring in-memory execution of .NET
Stars: ✭ 55 (-95.28%)
Hunter(l)user hunter using WinAPI calls only
Stars: ✭ 359 (-69.21%)
Red-Team-EssentialsThis repo will contain some basic pentest/RT commands.
Stars: ✭ 22 (-98.11%)
ja3transportImpersonating JA3 signatures
Stars: ✭ 200 (-82.85%)
QuasarRemote Administration Tool for Windows
Stars: ✭ 4,897 (+319.98%)
ReversePowerShellFunctions that can be used to gain Reverse Shells with PowerShell
Stars: ✭ 48 (-95.88%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (-40.99%)
RT-CyberShieldProtecting Red Team infrastructure with cyber shield blocking AWS/AZURE/IBM/Digital Ocean/TOR/AV IP/ETC. ranges
Stars: ✭ 34 (-97.08%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (-65.27%)
anti-honeypot一款可以检测WEB蜜罐并阻断请求的Chrome插件,能够识别并阻断长亭D-sensor、墨安幻阵的部分溯源api
Stars: ✭ 38 (-96.74%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (-28.56%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+256.95%)
juumla🦁 Juumla is a python tool created to identify Joomla version, scan for vulnerabilities and search for config or backup files.
Stars: ✭ 107 (-90.82%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (-53.6%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (-71.61%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (-75.3%)
pwn-pulseExploit for Pulse Connect Secure SSL VPN arbitrary file read vulnerability (CVE-2019-11510)
Stars: ✭ 126 (-89.19%)
AggressorscriptsAggressor scripts for use with Cobalt Strike 3.0+
Stars: ✭ 501 (-57.03%)
BashfuscatorA fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
Stars: ✭ 690 (-40.82%)
Dns Rebind ToolkitA front-end JavaScript toolkit for creating DNS rebinding attacks.
Stars: ✭ 435 (-62.69%)
inceptorTemplate-Driven AV/EDR Evasion Framework
Stars: ✭ 730 (-37.39%)
AggressorscriptsCollection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Stars: ✭ 1,008 (-13.55%)
Deimosc2DeimosC2 is a Golang command and control framework for post-exploitation.
Stars: ✭ 423 (-63.72%)
SherlockThis script is designed to help expedite a web application assessment by automating some of the assessment steps (e.g., running nmap, sublist3r, metasploit, etc.)
Stars: ✭ 36 (-96.91%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (-52.06%)
dorothyDorothy is a tool to test security monitoring and detection for Okta environments
Stars: ✭ 85 (-92.71%)
ParadoxiaratParadoxiaRat : Native Windows Remote access Tool.
Stars: ✭ 395 (-66.12%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (-2.57%)
LiquidSnakeLiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
Stars: ✭ 266 (-77.19%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (-66.38%)
SharpUnhookerC# Based Universal API Unhooker
Stars: ✭ 255 (-78.13%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (-53.34%)
BifrostBifrost C2. Open-source post-exploitation using Discord API
Stars: ✭ 37 (-96.83%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (-68.27%)
MacOS-WPA-PSKPoC script showing that MacOS leaves the wireless key in NVRAM, in plaintext and accessible to anyone.
Stars: ✭ 29 (-97.51%)
Pi Pwnbox RogueapHomemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Stars: ✭ 798 (-31.56%)
XENAXENA is the managed remote administration platform for botnet creation & development powered by blockchain and machine learning. Aiming to provide an ecosystem which serves the bot herders. Favoring secrecy and resiliency over performance. It's micro-service oriented allowing for specialization and lower footprint. Join the community of the ulti…
Stars: ✭ 127 (-89.11%)
WalrusAn Android app that lets you use your access control card cloning devices in the field.
Stars: ✭ 350 (-69.98%)
Sub-DrillA very (very) FAST and simple subdomain finder based on online & free services. Without any configuration requirements.
Stars: ✭ 70 (-94%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+381.56%)
Adversary emulation libraryAn open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (-74.7%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (-94%)
SleightEmpire HTTP(S) C2 redirector setup script
Stars: ✭ 44 (-96.23%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (-33.53%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (-54.29%)
Cobaltstrike ToolsetAggressor Script, Kits, Malleable C2 Profiles, External C2 and so on
Stars: ✭ 290 (-75.13%)