Steganography brute-force utility to uncover hidden data inside files

Nishang - Offensive PowerShell for red team, penetration testing and offensive security.

rsatool can be used to calculate RSA and RSA-CRT parameters

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

Corelan Repository for mona.py

Bad char generator to instruct encoders such as shikata-ga-nai to transform those to other chars.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

Linux enumeration tool for pentesting and CTFs with verbosity levels

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

BurpSuite using the document and some extensions

Fast web fuzzer written in Go

Open-Source Phishing Toolkit

Privilege Escalation Enumeration Script for Windows

Scripted Local Linux Enumeration & Privilege Escalation Checks

JAWS - Just Another Windows (Enum) Script

PowerShell Obfuscator

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

db_autopwn plugin of metasploit

The Penetration Testing Execution Standard (PTES) Automation Framework

Virtual machine templates for Windows written in legacy JSON and Batch Scripting/JScript

This is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010

This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public expl…

windows-kernel-exploits Windows平台提权漏洞集合

Linux privilege escalation auditing tool

MS17-010 scanner / exploit

Defeating Windows User Account Control