EncryptedSheep's Stars
NetSPI/BurpExtractor
A Burp extension for generic extraction and reuse of data within HTTP requests and responses.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
PortSwigger/turbo-intruder
Turbo Intruder is a Burp Suite extension for sending large numbers of HTTP requests and analyzing the results.
justinsteven/dostackbufferoverflowgood
trustedsec/egressbuster
Egressbuster is a method to check egress filtering and identify if ports are allowed. If they are, you can automatically spawn a shell.
quasar/Quasar
Remote Administration Tool for Windows
joxeankoret/CVE-2017-7494
Remote root exploit for the SAMBA CVE-2017-7494 vulnerability
Dhayalanb/windows-php-reverse-shell
Simple php reverse shell implemented using binary .
x0rz/EQGRP_Lost_in_Translation
Decrypted content of odd.tar.xz.gpg, swift.tar.xz.gpg and windows.tar.xz.gpg
sshuttle/sshuttle
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
RamadhanAmizudin/malware
Malware Samples. Uploaded to GitHub for those want to analyse the code. Code mostly from: http://www.malwaretech.com
mikaelkall/OSCP-cheat-sheet
Offensive Security Certified Professional ( Preparation documentation )
RackunSec/Penetration-Testing-Grimoire
Custom Tools and Notes from my own Penetration Testing Experience
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks
sense-of-security/ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
recordedfuture/rfapi-python
Python library for using the Recorded Future API
ustayready/CredSniper
CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.
drk1wi/portspoof
Portspoof
RedSiege/EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
ustayready/CredKing
Password spraying using AWS Lambda for IP rotation
frostbits-security/SIET
Smart Install Exploitation Tool
DShield-ISC/dshield
DShield Raspberry Pi Sensor
insidetrust/statistically-likely-usernames
Wordlists for creating statistically likely username lists for use in password attacks and security testing
blues-clues-security/HypePKR
"Hype Packer" AKA Hyper-Kinetic Position Reverser is a vBA script to reformat and coalesce Nessus output into a more readable and succinct format
huntergregal/mimipenguin
A tool to dump the login password from the current linux user
Security-Onion-Solutions/security-onion
Security Onion 16.04 - Linux distro for threat hunting, enterprise security monitoring, and log management
berzerk0/Probable-Wordlists
Version 2 is live! Wordlists sorted by probability originally created for password generation and testing - make sure your passwords aren't popular!
mdsecactivebreach/SharpShooter
Payload Generation Framework
rapid7/metasploit-framework
Metasploit Framework