Lists (1)
Sort Name ascending (A-Z)
Stars
Decrypt GlobalProtect configuration and cookie files.
BC-SECURITY / Empire
Forked from EmpireProject/EmpireEmpire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
FPGA modules used together with the PCILeech Direct Memory Access (DMA) Attack Software
latest version of scanners for IIS short filename (8.3) disclosure vulnerability
Shikata ga nai (仕方がない) encoder ported into go with several improvements
A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
Dump lsass using only NTAPIS running 3 programs to create 3 JSON and 1 ZIP file... and generate the Minidump later!
Leak of any user's NetNTLM hash. Fixed in KB5040434
Wiki to collect Red Team infrastructure hardening resources
Script that installs/configures a Dovecot, Postfix, Spam Assassin, OpenDKIM Debian web server
An automation tool that enumerates subdomains then filters out xss, sqli, open redirect, lfi, ssrf and rce parameters and then scans for vulnerabilities.
basic concept for the latest windows wifi driver CVE
crtdumper is a Go application designed to interact directly with Certificate Transparency (CT) logs servers and extract domain names from certificates. Perfect for security researchers and develope…
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
An insane list of all dorks taken from everywhere from various different sources.
This repo contains some Amsi Bypass methods i found on different Blog Posts.
A PowerShell tool that takes strong inspiration from CrackMapExec / NetExec
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share th…
This repository contain a lot of web and api vulnerability checklist , a lot of vulnerability ideas and tips from twitter
Various tips & tricks