359 Open source projects that are alternatives of or similar to Ultimateapplockerbypasslist

Search for Unix binaries that can be exploited to bypass system security restrictions.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

Purple Team Exercise Framework

A list of payload and bypass lists for penetration testing and red team infrastructure build.

A collection of electronic hacker magazines carefully curated over the years from multiple sources

Automated, extensible toolset that runs cypher queries against Bloodhound's Neo4j backend and saves output to spreadsheets.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily contribute daily one hour for day to day tasks and work on problem statements daily, Please contribute by providing problem statements and solutions

A PowerShell module to deploy active directory decoy objects.

An open-source listing of cybersecurity technology mapped to the NIST Cybersecurity Framework (CSF)

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

ffffffff0x 团队维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

个人维护的安全知识框架,内容包括不仅限于 web安全、工控安全、取证、应急、蓝队设施部署、后渗透、Linux安全、各类靶机writup

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

Test Blue Team detections without running any attack.

Blue Team detection lab created with Terraform and Ansible in Azure.

🍓📡🍍Monitor illegal wireless network activities. (Fake Access Points), (WiFi Threats: KARMA Attacks, WiFi Pineapple, Similar SSID, OPN Network Density etc.)

Script collection to bypass Network Access Control (NAC, 802.1x)

Monitoring your Slack workspaces for sensitive information

Load a fresh new copy of ntdll.dll via file mapping to bypass API inline hook.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

OSINT Bookmarks for Firefox / Chrome / Edge / Safari

This little tool is to calculate a MurmurHash value of a favicon to hunt phishing websites on the Shodan platform.

ShellCodeLoader via DInvoke

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

This repository contains full code examples from the book Gray Hat C#

Slack Enumeration and Extraction Tool - extract sensitive information from a Slack Workspace

Monitoring GitLab for sensitive data shared publicly

A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

OpSec-safe Powershell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup

A collection of scripts I've written to help red and blue teams with malware persistence techniques.

E-mails, subdomains and names Harvester - OSINT

Monitoring GitHub for sensitive data shared publicly

Utility for hunting UAC bypasses or COM/DLL hijacks that alerts on the exported function that was consumed.

This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.

一款适用于红蓝对抗中的仿真钓鱼系统

WADComs is an interactive cheat sheet, containing a curated list of Unix/Windows offensive tools and their respective commands.

Scan your code for security misconfiguration, search for passwords and secrets. 🔍

backdorOS is an in-memory OS written in Python 2.7 with a built-in in-memory filesystem, hooks for open() calls and imports, Python REPL etc.

Android udev rules list aimed to be the most comprehensive on the net

Perun是一款主要适用于乙方安服、渗透测试人员和甲方RedTeam红队人员的网络资产漏洞扫描器/扫描框架

A list to discover work of red team tooling and methodology for penetration testing and security assessment

Elder driver Xposed Framework. W / Snapchat Bypass

All about bug bounty (bypasses, payloads, and etc)

记录自己编写、修改的部分工具

Rules engine for .NET, based on the Rete matching algorithm, with internal DSL in C#.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.

gitGraber: monitor GitHub to search and find sensitive data in real time for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries

Setup and run tests to verify Firestore security rules

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

No description, website, or topics provided.

A text/template based rules engine

🔐 Lockdoor Framework : A Penetration Testing framework with Cyber Security Resources

A collection of awesome security hardening guides, tools and other resources

Business rules language for NRules rules engine.

做redteam时使用，修改自Ridter的https://github.com/Ridter/Intranet_Penetration_Tips

A declarative programming framework

A big list of Android Hackerone disclosed reports and other resources.