DotDotSlashRepo's Stars
HackTricks-wiki/hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
netbiosX/Checklists
Red Teaming & Pentesting checklists for various engagements
toniblyx/my-arsenal-of-aws-security-tools
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
sensepost/hostapd-mana
SensePost's modified hostapd for wifi attacks.
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
BishopFox/sliver
Adversary Emulation Framework
dropbox/zxcvbn
Low-Budget Password Strength Estimation
Kevin-Robertson/Tater
Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec
Arvanaghi/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
dafthack/PowerMeta
PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.
GreatSCT/GreatSCT
The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
matterpreter/OffensiveCSharp
Collection of Offensive C# Tooling