91tim's Stars
trufflesecurity/trufflehog
Find, verify, and analyze leaked credentials
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
michenriksen/gitrob
Reconnaissance tool for GitHub organizations
bats3c/shad0w
A post exploitation framework designed to operate covertly on heavily monitored environments
NetSPI/MicroBurst
A collection of scripts for assessing Microsoft Azure security
wavestone-cdt/EDRSandblast
wikiZ/RedGuard
RedGuard is a C2 front flow control tool,Can avoid Blue Teams,AVs,EDRs check.
t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.
anshumanbh/git-all-secrets
A tool to capture all the git secrets by leveraging multiple open source git searching tools
CCob/SharpBlock
A method of bypassing EDR's active projection DLL's by preventing entry point exection
TideSec/GoBypassAV
整理了基于Go的16种API免杀测试、8种加密测试、反沙盒测试、编译混淆、加壳、资源修改等免杀技术,并搜集汇总了一些资料和工具。
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
MiniGlome/Archive.org-Downloader
Python3 script to download archive.org books in PDF format
JoelGMSec/EvilnoVNC
Ready to go Phishing Platform
silverhack/monkey365
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
hackerhouse-opensource/iscsicpl_bypassUAC
UAC bypass for x64 Windows 7 - 11
Kudaes/Elevator
UAC bypass by abusing RPC and debug objects.
Markakd/DirtyCred
Kernel exploitation technique
janoglezcampos/DeathSleep
A PoC implementation for an evasion technique to terminate the current thread and restore it before resuming execution, while implementing page protection changes during no execution.
GhostPack/Koh
The Token Stealer
post-cyberlabs/Offensive_tools
API-Security/APISandbox
Pre-Built Vulnerable Multiple API Scenarios Environments Based on Docker-Compose.
xforcered/BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
CervantesSec/cervantes
Cervantes is an open-source, collaborative platform designed specifically for pentesters and red teams. It serves as a comprehensive management tool, streamlining the organization of projects, clients, vulnerabilities, and reports in a single, centralized location.
KiFilterFiberContext/warbird-hook
Using Microsoft Warbird to automatically unpack and execute encrypted shellcode in ClipSp.sys without triggering PatchGuard
eladshamir/RPC-Backdoor
A basic emulation of an "RPC Backdoor"
mhaskar/ExchangeFinder
Find Microsoft Exchange instance for a given domain and identify the exact version
mainframed/DC30_Workshop
DEFCON 30 Mainframe buffer overlow workshop container
rad9800/BloatedHammer
API Hammering with C++20
AlrikRr/ActiveDirectory_Lab
Active DIrectory Lab for Pentesting Practice