ImpulsiveDLLHijackC# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
Stars: ✭ 258 (+203.53%)
CloakifyCloakifyFactory - Data Exfiltration & Infiltration In Plain Sight; Convert any filetype into list of everyday strings, using Text-Based Steganography; Evade DLP/MLS Devices, Defeat Data Whitelisting Controls, Social Engineering of Analysts, Evade AV Detection
Stars: ✭ 1,136 (+1236.47%)
wifi-deautherA fully automatic wifi deauther coded in Python
Stars: ✭ 25 (-70.59%)
YAPSYet Another PHP Shell - The most complete PHP reverse shell
Stars: ✭ 35 (-58.82%)
Hunter(l)user hunter using WinAPI calls only
Stars: ✭ 359 (+322.35%)
GhostwriterThe SpecterOps project management and reporting engine
Stars: ✭ 394 (+363.53%)
SifterSifter aims to be a fully loaded Op Centre for Pentesters
Stars: ✭ 403 (+374.12%)
Zynix Fusionzynix-Fusion is a framework that aims to centralize, standardizeand simplify the use of various security tools for pentest professionals.zynix-Fusion (old name: Linux evil toolkit) has few simple commands, one of which is theinit function that allows you to define a target, and thus use all the toolswithout typing anything else.
Stars: ✭ 84 (-1.18%)
Pentest⛔️ offsec batteries included
Stars: ✭ 1,063 (+1150.59%)
PhishapiComprehensive Web Based Phishing Suite for Rapid Deployment and Real-Time Alerting!
Stars: ✭ 272 (+220%)
OscpMy OSCP journey
Stars: ✭ 50 (-41.18%)
CloudbruteAwesome cloud enumerator
Stars: ✭ 268 (+215.29%)
PentmenuA bash script for recon and DOS attacks
Stars: ✭ 288 (+238.82%)
WhatwebNext generation web scanner
Stars: ✭ 3,503 (+4021.18%)
KaboomA tool to automate penetration tests
Stars: ✭ 322 (+278.82%)
Gray hat csharp codeThis repository contains full code examples from the book Gray Hat C#
Stars: ✭ 301 (+254.12%)
Cobalt strike extension kitAttempting to be an all in one repo for others' userful aggressor scripts as well as things we've found useful during Red Team Operations.
Stars: ✭ 345 (+305.88%)
Vaultswiss army knife for hackers
Stars: ✭ 346 (+307.06%)
Impost3r👻Impost3r -- A linux password thief
Stars: ✭ 355 (+317.65%)
Adversary emulation libraryAn open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
Stars: ✭ 295 (+247.06%)
VanquishVanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases.
Stars: ✭ 449 (+428.24%)
JusttryharderJustTryHarder, a cheat sheet which will aid you through the PWK course & the OSCP Exam. (Inspired by PayloadAllTheThings)
Stars: ✭ 450 (+429.41%)
OctopusOpen source pre-operation C2 server based on python and powershell
Stars: ✭ 449 (+428.24%)
Slackor A Golang implant that uses Slack as a command and control server
Stars: ✭ 392 (+361.18%)
AiodnsbrutePython 3.5+ DNS asynchronous brute force utility
Stars: ✭ 370 (+335.29%)
ArchstrikeAn Arch Linux repository for security professionals and enthusiasts. Done the Arch Way and optimized for i686, x86_64, ARMv6, ARMv7 and ARMv8.
Stars: ✭ 401 (+371.76%)
StegcrackerSteganography brute-force utility to uncover hidden data inside files
Stars: ✭ 396 (+365.88%)
Eyes👀 🖥️ Golang rewrite of eyes.sh. Let's you perform domain/IP address information gathering. Wasn't it esr who said "With enough eyeballs, all your IP info are belong to us?" 🔍 🕵️
Stars: ✭ 38 (-55.29%)
linklink is a command and control framework written in rust
Stars: ✭ 345 (+305.88%)
Dradis CeDradis Framework: Colllaboration and reporting for IT Security teams
Stars: ✭ 443 (+421.18%)
FireelffireELF - Fileless Linux Malware Framework
Stars: ✭ 435 (+411.76%)
HosthunterHostHunter a recon tool for discovering hostnames using OSINT techniques.
Stars: ✭ 427 (+402.35%)
PentestkitUseful tools and scripts during Penetration Testing engagements
Stars: ✭ 463 (+444.71%)
NetcatNetCat for Windows
Stars: ✭ 463 (+444.71%)
Dref DNS Rebinding Exploitation Framework
Stars: ✭ 423 (+397.65%)
PasshuntPasshunt is a simple tool for searching of default credentials for network devices, web applications and more. Search through 523 vendors and their 2084 default passwords.
Stars: ✭ 961 (+1030.59%)
ChimeraChimera is a (shiny and very hack-ish) PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.
Stars: ✭ 463 (+444.71%)
VenomVenom - A Multi-hop Proxy for Penetration Testers
Stars: ✭ 1,228 (+1344.71%)
Linkedin2usernameOSINT Tool: Generate username lists for companies on LinkedIn
Stars: ✭ 504 (+492.94%)
Stowaway👻Stowaway -- Multi-hop Proxy Tool for pentesters
Stars: ✭ 500 (+488.24%)
Red Teaming ToolkitThis repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
Stars: ✭ 5,615 (+6505.88%)
MxtractmXtract - Memory Extractor & Analyzer
Stars: ✭ 499 (+487.06%)
WhonowA "malicious" DNS server for executing DNS Rebinding attacks on the fly (public instance running on rebind.network:53)
Stars: ✭ 533 (+527.06%)
Fwdsh3llForward shell generation framework
Stars: ✭ 62 (-27.06%)
PayloadsallthethingsA list of useful payloads and bypass for Web Application Security and Pentest/CTF
Stars: ✭ 32,909 (+38616.47%)
BlackmambaC2/post-exploitation framework
Stars: ✭ 544 (+540%)
ResourcesA Storehouse of resources related to Bug Bounty Hunting collected from different sources. Latest guides, tools, methodology, platforms tips, and tricks curated by us.
Stars: ✭ 62 (-27.06%)
OtsecaOpen source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.
Stars: ✭ 416 (+389.41%)
Thc ArchiveAll releases of the security research group (a.k.a. hackers) The Hacker's Choice
Stars: ✭ 474 (+457.65%)
Platypus🔨 A modern multiple reverse shell sessions manager wrote in go
Stars: ✭ 559 (+557.65%)
Passphrase WordlistPassphrase wordlist and hashcat rules for offline cracking of long, complex passwords
Stars: ✭ 556 (+554.12%)
Powershell RatPython based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
Stars: ✭ 636 (+648.24%)
SpiderfootSpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
Stars: ✭ 6,882 (+7996.47%)
Babysploit👶 BabySploit Beginner Pentesting Toolkit/Framework Written in Python 🐍
Stars: ✭ 883 (+938.82%)
HabuHacking Toolkit
Stars: ✭ 635 (+647.06%)
DirsearchWeb path scanner
Stars: ✭ 7,246 (+8424.71%)