ColdFusionX's Stars
WerWolv/ImHex
🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM.
vxunderground/MalwareSourceCode
Collection of malware source code for a variety of platforms in an array of different programming languages.
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks
KathanP19/HowToHunt
Collection of methodology and test case for various web vulnerabilities.
red/red
Red is a next-generation programming language strongly inspired by Rebol, but with a broader field of usage thanks to its native-code compiler, from system programming to high-level scripting and cross-platform reactive GUI, while providing modern support for concurrency, all in a zero-install, zero-config, single ~1MB file!
S3cur3Th1sSh1t/WinPwn
Automation for internal Windows Penetrationtest / AD-Security
V33RU/IoTSecurity101
A Curated list of IoT Security Resources
login-securite/lsassy
Extract credentials from lsass remotely
Hackplayers/hackthebox-writeups
Writeups for HacktheBox 'boot2root' machines
ihebski/A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
WADComs/WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
intel/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
hackerscrolls/SecurityTips
hausec/Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
cube0x0/SharpMapExec
orangetw/awesome-jenkins-rce-2019
There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
epi052/osed-scripts
bespoke tooling for offensive security's Windows Usermode Exploit Dev course (OSED)
elddy/NimScan
🚀 Fast Port Scanner 🚀
dhaneshsivasamy07/hackthebox
Notes Taken for HTB Machines & InfoSec Community.
mandiant/OfficePurge
Ebryx/GitDump
A pentesting tool that dumps the source code from .git even when the directory traversal is disabled
BishopFox/json-interop-vuln-labs
Companion labs to "An Exploration of JSON Interoperability Vulnerabilities"
SpecterOps/presentations
SpecterOps Presentations
leftp/SpoolSamplerNET
Implementation of SpoolSample without rDLL
GammaG/OSCP_Notes
Nero22k/Exploit_Development
Collection of python3 exploits written by me to practice exploit development. Also is good preparation for OSED-301 course released by offensive security.
deletehead/java_deserialization
Some research on java deserialization
boku7/GetSimple-SmtpPlugin-CSRF2RCE
GetSimple CMS My SMTP Contact Plugin <= v1.1.1 - CSRF to RCE
JSitter/dockerized_backdrop_cms
The Backdrop CMS in a Docker Container.