PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (+554.55%)
Aggressor scriptsA collection of useful scripts for Cobalt Strike
Stars: ✭ 126 (+186.36%)
Netmap.jsFast browser-based network discovery module
Stars: ✭ 70 (+59.09%)
SessiongopherSessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
Stars: ✭ 833 (+1793.18%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+740.91%)
ThecollectiveThe Collective. A repo for a collection of red-team projects found mostly on Github.
Stars: ✭ 85 (+93.18%)
ycsmThis is a quick script installation for resilient redirector using nginx reverse proxy and letsencrypt compatible with some popular Post-Ex Tools (Cobalt Strike, Empire, Metasploit, PoshC2).
Stars: ✭ 73 (+65.91%)
Dumpsterfire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
Stars: ✭ 775 (+1661.36%)
ShonyDanzaA customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
Stars: ✭ 86 (+95.45%)
BulwarkAn organizational asset and vulnerability management tool, with Jira integration, designed for generating application security reports.
Stars: ✭ 113 (+156.82%)
Kubernetes GoatKubernetes Goat is "Vulnerable by Design" Kubernetes Cluster. Designed to be an intentionally vulnerable cluster environment to learn and practice Kubernetes security.
Stars: ✭ 868 (+1872.73%)
Black Hat RustApplied offensive security with Rust - Early access - https://academy.kerkour.com/black-hat-rust?coupon=GITHUB
Stars: ✭ 331 (+652.27%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+2481.82%)
Go Deliver Go-deliver is a payload delivery tool coded in Go.
Stars: ✭ 103 (+134.09%)
Physmem2profitPhysmem2profit can be used to create a minidump of a target hosts' LSASS process by analysing physical memory remotely
Stars: ✭ 244 (+454.55%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+861.36%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+12661.36%)
AirmasterUse ExpiredDomains.net and BlueCoat to find useful domains for red team.
Stars: ✭ 150 (+240.91%)
Hack ToolsThe all-in-one Red Team extension for Web Pentester 🛠
Stars: ✭ 2,750 (+6150%)
HrshellHRShell is an HTTPS/HTTP reverse shell built with flask. It is an advanced C2 server with many features & capabilities.
Stars: ✭ 193 (+338.64%)
Infosec referenceAn Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Stars: ✭ 4,162 (+9359.09%)
PacketwhisperPacketWhisper: Stealthily exfiltrate data and defeat attribution using DNS queries and text-based steganography. Avoid the problems associated with typical DNS exfiltration methods. Transfer data between systems without the communicating devices directly connecting to each other or to a common endpoint. No need to control a DNS Name Server.
Stars: ✭ 405 (+820.45%)
Gitjacker🔪 Leak git repositories from misconfigured websites
Stars: ✭ 1,249 (+2738.64%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+1170.45%)
BigbountyreconBigBountyRecon tool utilises 58 different techniques using various Google dorks and open source tools to expedite the process of initial reconnaissance on the target organisation.
Stars: ✭ 541 (+1129.55%)
AutordpwnThe Shadow Attack Framework
Stars: ✭ 688 (+1463.64%)
ObiOCaml Build Infrastructure
Stars: ✭ 25 (-43.18%)
ServerServe your Rubix ML models in production with scalable stand-alone model inference servers.
Stars: ✭ 30 (-31.82%)
CommoncrawlparserSimple multi threaded tool to extract domain related data from commoncrawl.org
Stars: ✭ 25 (-43.18%)
Decentralized Ml InfraBlockchain infrastructure for decentralized machine learning (decentralized-ml repo).
Stars: ✭ 23 (-47.73%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-13.64%)
P0wny ShellSingle-file PHP shell
Stars: ✭ 949 (+2056.82%)
Clia lightweight, security focused, BDD test framework against terraform.
Stars: ✭ 918 (+1986.36%)
Pwncatpwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
Stars: ✭ 904 (+1954.55%)
FinalreconThe Last Web Recon Tool You'll Need
Stars: ✭ 888 (+1918.18%)
SecuritySome of my security stuff and vulnerabilities. Nothing advanced. More to come.
Stars: ✭ 835 (+1797.73%)
AggressorscriptsCollection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
Stars: ✭ 1,008 (+2190.91%)
SketchyA task based API for taking screenshots and scraping text from websites.
Stars: ✭ 988 (+2145.45%)
HashtopolisA Hashcat wrapper for distributed hashcracking
Stars: ✭ 835 (+1797.73%)
GogitdumperDump exposed HTTP .git fast
Stars: ✭ 27 (-38.64%)
Ciphey⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Stars: ✭ 9,116 (+20618.18%)
ChefChef Infra, a powerful automation platform that transforms infrastructure into code automating how infrastructure is configured, deployed and managed across any environment, at any scale
Stars: ✭ 6,766 (+15277.27%)
DirhuntFind web directories without bruteforce
Stars: ✭ 983 (+2134.09%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+1906.82%)
Sn0intSemi-automatic OSINT framework and package manager
Stars: ✭ 814 (+1750%)
Vigil🚦 Microservices Status Page. Monitors a distributed infrastructure and sends alerts (Slack, SMS, etc.).
Stars: ✭ 804 (+1727.27%)
SprayingtoolkitScripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
Stars: ✭ 802 (+1722.73%)
Awesome OscpA curated list of awesome OSCP resources
Stars: ✭ 804 (+1727.27%)
ItamaeConfiguration management tool inspired by Chef, but simpler and lightweight. Formerly known as Lightchef.
Stars: ✭ 1,014 (+2204.55%)
KeyloggerA simple keylogger for Windows, Linux and Mac
Stars: ✭ 1,007 (+2188.64%)
Addon LxdoneAllows OpenNebula to manage Linux Containers via LXD
Stars: ✭ 36 (-18.18%)
Scanlessonline port scan scraper
Stars: ✭ 875 (+1888.64%)
Pi Pwnbox RogueapHomemade Pwnbox 🚀 / Rogue AP 📡 based on Raspberry Pi — WiFi Hacking Cheatsheets + MindMap 💡
Stars: ✭ 798 (+1713.64%)