0xBrAinsTorM

0xBrAinsTorM's Stars

• bluscreenofjeff/Red-Team-Infrastructure-Wiki

  Wiki to collect Red Team infrastructure hardening resources

  4.2k2117906

• epinna/tplmap

  Server-Side Template Injection and Code Injection Detection and Exploitation Tool

  Language:Python3.8k8481677

• jonaslejon/malicious-pdf

  💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

  Language:Python2.9k619389

• netwrix/pingcastle

  PingCastle - Get Active Directory Security at 80% in 20% of the time

  Language:C#2.4k66213294

• kost/dvcs-ripper

  Rip web accessible (distributed) version control systems: SVN/GIT/HG...

  Language:Perl1.7k5218311

• Dec0ne/KrbRelayUp

  KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

  Language:C#1.6k2323208

• irsdl/IIS-ShortName-Scanner

  latest version of scanners for IIS short filename (8.3) disclosure vulnerability

  Language:Java1.5k3031253

• tokyoneon/Chimera

  Chimera is a PowerShell obfuscation script designed to bypass AMSI and commercial antivirus solutions.

  Language:PowerShell1.5k327250

• iagox86/hash_extender

  Language:C1.1k3413184

• blacklanternsecurity/TREVORspray

  TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

  Language:Python1.1k1828150

• Greenwolf/ntlm_theft

  A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

  Language:Python1k273126

• MysticRyuujin/guac-install

  Script for installing Guacamole on Ubuntu

  Language:Shell1k55208274

• leechristensen/SpoolSample

  PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

  Language:C#941101143

• cfalta/MicrosoftWontFixList

  A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))

  939624100

• tomnomnom/qsreplace

  Accept URLs on stdin, replace all query string values with a user-supplied value

  Language:Go7762011126

• nyxgeek/o365recon

  retrieve information via O365 and AzureAD with a valid cred

  Language:PowerShell69719499

• 3v4Si0N/HTTP-revshell

  Powershell reverse shell using HTTP/S protocol with AMSI bypass and Proxy Aware

  Language:PowerShell60018896

• luisfontes19/xxexploiter

  Tool to help exploit XXE vulnerabilities

  Language:TypeScript54914569

• modzero/mod0BurpUploadScanner

  HTTP file upload scanner for Burp Proxy

  Language:Perl48516107138

• mgeeky/tomcatWarDeployer

  Apache Tomcat auto WAR deployment & pwning penetration testing tool.

  Language:Python4191613129

• SafeBreach-Labs/SirepRAT

  Remote Command Execution as SYSTEM on Windows IoT Core (releases available for Python2.7 & Python3)

  Language:Python374261388

• synacktiv/eos

  Enemies Of Symfony - Debug mode Symfony looter

  Language:Python32181250

• cnotin/SplunkWhisperer2

  Local privilege escalation, or remote code execution, through Splunk Universal Forwarder (UF) misconfigurations

  Language:Python2455453

• vivami/OutlookParasite

  Outlook persistence using VSTO add-ins

  Language:PowerShell848020

• ptswarm/impacket

  Impacket Fork for Contributing and Sharing Our Knowledge about Windows

  Language:Python648011

• snovvcrash/peas

  Modified version of PEAS client for offensive operations

  Language:Python383010

• qtc-de/wconv

  wconv - Converting Windows native formats into human readable form

  Language:Python34312

• jackrichardzon/s4p0

  143012

• Loumaris/hetzner_vagrant

  Connecting a vagrant machine to an additional IP or subnet

  2101

• JnTournier/domi-owned

  IBM/Lotus Domino exploitation

  Language:Python1000