Stars
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Tool for Active Directory Certificate Services enumeration and abuse
An open-source remote desktop application designed for self-hosting, as an alternative to TeamViewer.
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
BC-SECURITY / Empire
Forked from EmpireProject/EmpireEmpire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
A simple FOFA client written in JavaFX. Made by WgpSec, Maintained by f1ashine.
Automate the creation of a lab environment complete with security tooling and logging best practices
A method of bypassing EDR's active projection DLL's by preventing entry point exection
Collection of resources about Virtualization
A Burp Suite Extension to extract interesting strings (key, secret, token, or etc.) from a webpage.
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.
A collection of android security related resources
A curated list of awesome C++ (or C) frameworks, libraries, resources, and shiny things. Inspired by awesome-... stuff.
Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in python and C
HTTPLeaks - All possible ways, a website can leak HTTP requests
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
PoC for CVE-2020-0601- Windows CryptoAPI (Crypt32.dll)
🐱💻 Poc of CVE-2019-7238 - Nexus Repository Manager 3 Remote Code Execution 🐱💻
CVE-2020-8012, CVE-2016-10709, CVE-2017-17099, CVE-2017-18047, CVE-2019-1003000, CVE-2018-1999002
Fetch all the URLs that the Wayback Machine knows about for a domain
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.
Intelligent proxy pool for Humans™ to extract content from the internet and build your own Large Language Models in this new AI era
🐶 A curated list of Web Security materials and resources.