0xSeanG

0xSeanG's Stars

• JPCERTCC/LogonTracer

  Investigate malicious Windows logon by visualizing and analyzing Windows event log

  Language:Python2.7k444

• cea-sec/usbsas

  Tool and framework for securely reading untrusted USB mass storage devices.

  Language:Rust33029

• cisagov/ScubaGear

  Automation to assess the state of your M365 tenant against CISA's baselines

  Language:PowerShell1.8k230

• trustedsec/Zoinks

  Manage Engine Decrypter

  Language:Python237

• NetSPI/PowerHunt

  PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.

  Language:PowerShell6010

• NetSPI/PowerHuntShares

  PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.

  Language:PowerShell69983

• cisagov/RedEye

  RedEye is a visual analytic tool supporting Red & Blue Team operations

  Language:TypeScript2.7k271

• microsoft/aka

  Doc page listing all public aka.ms links for Microsoft admin portals

  33934

• wealthsimple/odef

  This is a public template repository for the Open Detection Engineering Framework

  Language:Python235

• blacklanternsecurity/MANSPIDER

  Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

  Language:Python1k131

• SnaffCon/Snaffler

  a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

  Language:C#2.2k216

• BishopFox/cloudfox

  Automating situational awareness for cloud penetration tests.

  Language:Go2k184

• WhiteOakSecurity/GoAWSConsoleSpray

  Tool to spray AWS Console IAM Logins

  Language:Go255

• wiz-sec-public/cloud-middleware-dataset

  24015

• dhoelzer/ShowMeThePackets

  Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course (https://www.sans.org/course/intrusion-detection-in-depth)

  Language:Jupyter Notebook21243

• firefart/hijagger

  Checks all maintainers of all NPM and Pypi packages for hijackable packages through domain re-registration

  Language:Go28624

• DataDog/stratus-red-team

  :cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

  Language:Go1.8k216

• hexa-org/policy-orchestrator

  Hexa Policy Orchestrator enables you to manage all of your access policies consistently across software providers.

  Language:Shell9815

• punk-security/smbeagle

  SMBeagle - Fileshare auditing tool.

  Language:C#69882

• skahwah/wordsmith

  The aim of Wordsmith is to assist with creating tailored wordlists. This is mostly based on geolocation.

  Language:Ruby16422

• iknowjason/edge

  Recon tool for cloud provider attribution. Supports AWS, Azure, Google, Cloudflare, and Digital Ocean.

  Language:Go15918

• dafthack/CloudPentestCheatsheets

  This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

  2.6k513

• RhinoSecurityLabs/pacu

  The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

  Language:Python4.4k701

• RhinoSecurityLabs/GCP-IAM-Privilege-Escalation

  A collection of GCP IAM privilege escalation methods documented by the Rhino Security Labs team.

  Language:Python34574

• carnal0wnage/weirdAAL

  WeirdAAL (AWS Attack Library)

  Language:Python78392

• LOLBAS-Project/LOLBAS

  Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

  Language:XSLT7.1k1k

• matterpreter/DefenderCheck

  Identifies the bytes that Microsoft Defender flags on.

  Language:C#2.3k401

• Velocidex/velociraptor

  Digging Deeper....

  Language:Go3k492

• CravateRouge/bloodyAD

  BloodyAD is an Active Directory Privilege Escalation Framework

  Language:Python1.3k120

• iknowjason/PurpleCloud

  A little tool to play with Azure Identity - Azure and Entra ID lab creation tool. Blog: https://medium.com/@iknowjason/sentinel-for-purple-teaming-183b7df7a2f4

  Language:Python53194