30ini's Stars
jpillora/chisel
A fast TCP/UDP tunnel over HTTP
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Mr-xn/Penetration_Testing_POC
渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
lc/gau
Fetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.
ufrisk/MemProcFS
MemProcFS
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
SecuraBV/CVE-2020-1472
Test tool for CVE-2020-1472
lobuhi/byp4xx
40X/HTTP bypasser in Go. Features: Verb tampering, headers, #bugbountytips, User-Agents, extensions, default credentials...
mandatoryprogrammer/CursedChrome
Chrome-extension implant that turns victim Chrome browsers into fully-functional HTTP proxies, allowing you to browse sites as your victims.
mandiant/SharPersist
AndyFul/ConfigureDefender
Utility for configuring Windows 10 built-in Defender antivirus settings.
DeimosC2/DeimosC2
DeimosC2 is a Golang command and control framework for post-exploitation.
mgeeky/cobalt-arsenal
My collection of battle-tested Aggressor Scripts for Cobalt Strike 4.0+
nsacyber/Mitigating-Web-Shells
Guidance for mitigation web shells. #nsacyber
aas-n/spraykatz
Credentials gathering tool automating remote procdump and parse of lsass process.
GhostPack/SharpWMI
SharpWMI is a C# implementation of various WMI functionality.
D4stiny/spectre
A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
blackarrowsec/pivotnacci
A tool to make socks connections through HTTP agents
NullArray/RootHelper
A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
MythicAgents/Apollo
A .NET Framework 4.0 Windows Agent
trustedsec/nps_payload
This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (@Spoonman1091) Payload written by Ben Mauch (@Ben0xA) aka dirty_ben
aaronparker/evergreen
Create evergreen Windows image build pipelines with the latest version numbers and download URLs for common applications
mandiant/PwnAuth
QAX-A-Team/EventLogMaster
Cobalt Strike插件 - RDP日志取证&清除
NetSPI/PowerShell
NetSPI PowerShell Scripts
outflanknl/Recon-AD
Recon-AD, an AD recon tool based on ADSI and reflective DLL’s
NetSPI/ESC
Evil SQL Client (ESC) is an interactive .NET SQL console client with enhanced SQL Server discovery, access, and data exfiltration features. While ESC can be a handy SQL Client for daily tasks, it was originally designed for targeting SQL Servers during penetration tests and red team engagements. The intent of the project is to provide an .exe, but also sample files for execution through mediums like msbuild and PowerShell.
weibell/reverse-shell-generator
Web-based reverse shell generator
invokethreatguy/AggressorCollection
Collection of awesome Cobalt Strike Aggressor Scripts. All credit due to the authors
HanseSecure/metasploit-modules