B1t0n's Stars
tenable/poc
Proof of Concepts
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
nomi-sec/PoC-in-GitHub
📡 PoCs auto-collected from GitHub. ⚠️ Be careful: may contain malware.
danielbohannon/Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
mgeeky/Stracciatella
OpSec-safe PowerShell runspace from within C# (aka SharpPick) with AMSI, Constrained Language Mode and Script Block Logging disabled at startup
0xricksanchez/paper_collection
Academic papers related to fuzzing, binary analysis, and exploit dev, which I want to read or have already read
hegusung/AVSignSeek
Tool written in python3 to determine where the AV signature is located in a binary/payload
NotPrab/.NET-Obfuscator
Lists of .NET obfuscators (Free, Freemium, Paid and Open Source)
de4dot/de4dot
.NET deobfuscator and unpacker.
ohpe/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from Windows Service Accounts to NT AUTHORITY\SYSTEM.
hatRiot/token-priv
Token Privilege Research
GrrrDog/Java-Deserialization-Cheat-Sheet
The cheat sheet about Java Deserialization vulnerabilities
dirkjanm/adconnectdump
Dump Azure AD Connect credentials for Azure AD and Active Directory
LMGsec/o365creeper
Python script that performs email address validation against Office 365 without submitting login attempts.
christophetd/mindmaps
:mag: Mindmaps for threat hunting - work in progress.
k8gege/K8tools
K8 tool collection (internal network penetration / privilege escalation tools / remote overflow / vulnerability exploitation / scanning tools / password cracking / AV evasion tools / Exploit / APT / 0day / Shellcode / Payload / privilege / BypassUAC / OverFlow / WebShell / PenTest) Web GetShell Exploit (Struts2/Zimbra/Weblogic/Tomcat/Apache/Jboss/DotNetNuke/zabbix)
k8gege/Ladon
Ladon is a large-scale internal network penetration tool that can be used as a PowerShell module, as a CS plugin, or loaded in memory for fileless scanning. It includes port scanning, service identification, network asset discovery, password auditing, high-risk vulnerability detection, vulnerability exploitation, password retrieval and one-click GetShell; it supports batch scanning of class A/B/C ranges and across subnets, and scanning of URL, host and domain lists. Ladon 12.2 has 262 built-in functions; its 32 network asset discovery modules use multiple protocols (ICMP\NBT\DNS\MAC\SMB\WMI\SSH\HTTP\HTTPS\Exchange\mssql\FTP\RDP) and methods to quickly obtain live host IPs, computer names, workgroups, shared resources, NIC addresses, operating system versions, websites, subdomains, middleware, open services, routers, switches, databases, printers and other information on the target network; its 16 high-risk vulnerability checks include MS17010, Zimbra and Exchange.
matterpreter/DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
BinaryDefense/artillery
The Artillery Project is an open-source blue team tool designed to protect Linux and Windows operating systems through multiple methods.
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
n1nj4sec/pupy
Pupy is an open-source, cross-platform (Windows, Linux, OSX, Android) C2 and post-exploitation framework written in Python and C
AxtMueller/Windows-Kernel-Explorer
A free but powerful Windows kernel research tool.
hfiref0x/UACME
Defeating Windows User Account Control
marcosValle/awesome-windows-red-team
A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
mcw0/PoC
Issues have been disabled for these PoCs, as they are simply PoCs, Public Domain and unsupported.
yeyintminthuhtut/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
Kevin-Robertson/Inveigh
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers