DotDotSlashRepo

DotDotSlashRepo's Stars

• HackTricks-wiki/hacktricks

  Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.

  Language:Python8.9k2.6k

• OWASP/owasp-mastg

  The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

  Language:Python11.7k2.3k

• netbiosX/Checklists

  Red Teaming & Pentesting checklists for various engagements

  2.5k510

• toniblyx/my-arsenal-of-aws-security-tools

  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

  Language:Shell8.9k1.5k

• sensepost/hostapd-mana

  SensePost's modified hostapd for wifi attacks.

  Language:C541126

• Ne0nd0g/merlin

  Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

  Language:Go5.1k801

• BC-SECURITY/Empire

  Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

  Language:PowerShell4.2k575

• cobbr/Covenant

  Covenant is a collaborative .NET C2 framework for red teamers.

  Language:C#4.2k767

• BishopFox/sliver

  Adversary Emulation Framework

  Language:Go8.3k1.1k

• dropbox/zxcvbn

  Low-Budget Password Strength Estimation

  Language:CoffeeScript15k934

• Kevin-Robertson/Tater

  Tater is a PowerShell implementation of the Hot Potato Windows Privilege Escalation exploit from @breenmachine and @foxglovesec

  Language:PowerShell447116

• Arvanaghi/SessionGopher

  SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

  Language:PowerShell1.2k169

• dafthack/PowerMeta

  PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.

  Language:PowerShell541115

• GreatSCT/GreatSCT

  The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.

  Language:Python1.1k199

• matterpreter/OffensiveCSharp

  Collection of Offensive C# Tooling

  Language:C#1.4k243