Big-BlueBug's Stars
iamthefrogy/frogy
My subdomain enumeration script. It's unique in the way it is built upon.
Tylous/SourcePoint
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
orwagodfather/WordList
iamthefrogy/nerdbug
Full Nuclei automation script with logic explanation.
mgeeky/Penetration-Testing-Tools
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
mgeeky/SharpWebServer
Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality
S3cur3Th1sSh1t/PowerSharpPack
safebuffer/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
snoopysecurity/OSCE-Prep
A list of freely available resources that can be used as a prerequisite before taking OSCE.
purpl3f0xsecur1ty/OSCE-prep
Exploits made practicing for OSCE
su1s/exploits
Collection of exploits developed in practice for OSCE certification
e-a-security/Exploit-Dev-OSCE
Exploit Development, backdooring PE, bypassing Anti-Virus (AV), assembly shellcoding
rishuranjanofficial/JWTweak
Detects the algorithm of input JWT Token and provide options to generate the new JWT token based on the user selected algorithm.
epi052/OSCE-exam-practice
Proof of Concept exploit scripts and fuzzing templates. Companion blog posts located at https://epi052.gitlab.io/notes-to-self/blog/2020-05-13-osce-exam-practice-part-one/
GhostPack/Lockless
Lockless allows for the copying of locked files.
screetsec/TheFatRat
Thefatrat a massive exploiting tool : Easy tool to generate backdoor and easy tool to post exploitation attack like browser attack and etc . This tool compiles a malware with popular payload and then the compiled malware can be execute on windows, android, mac . The malware that created with this tool also have an ability to bypass most AV software protection .
preempt/ntlm-scanner
A simple python tool based on Impacket that tests servers for various known NTLM vulnerabilities
hasura/graphql-engine
Blazing fast, instant realtime GraphQL APIs on all your data with fine grained access control, also trigger webhooks on database events.
PowerShell/PowerShell
PowerShell for every system!
corelan/mona
Corelan Repository for mona.py
corelan/windbglib
Public repository for windbglib, a wrapper around pykd.pyd (for Windbg), used by mona.py
jtpereyda/boofuzz
A fork and successor of the Sulley Fuzzing Framework
ropnop/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
dirkjanm/ldapdomaindump
Active Directory information dumper via LDAP
TarlogicSecurity/kerbrute
An script to perform kerberos bruteforcing by using impacket
cobbr/SharpSploit
SharpSploit is a .NET post-exploitation library written in C#
Bashfuscator/Bashfuscator
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.
BishopFox/sliver
Adversary Emulation Framework
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
TheWover/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters