GazettEl's Stars
itm4n/VBA-RunPE
A VBA implementation of the RunPE technique or how to bypass application whitelisting.
netstalking-core/netstalking-osint
Коллекция материалов по OSINT для нетсталкинга
ShawnDEvans/smbmap
SMBMap is a handy SMB enumeration tool
htr-tech/zphisher
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
safebuffer/vulnerable-AD
Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合
abatchy17/WindowsExploits
Windows exploits, mostly precompiled. Not being updated. Check https://github.com/SecWiki/windows-kernel-exploits instead.
lucyoa/kernel-exploits
MrCl0wnLab/SimplesApachePathTraversal
Tool check: CVE-2021-41773, CVE-2021-42013, CVE-2020-17519
D4Vinci/One-Lin3r
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
dwisiswant0/apkleaks
Scanning APK file for URIs, endpoints & secrets.
RhinoSecurityLabs/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
swisskyrepo/GraphQLmap
GraphQLmap is a scripting engine to interact with a graphql endpoint for pentesting purposes. - Do not use for illegal testing ;)
Cgboal/SonarSearch
A rapid API for the Project Sonar dataset
tomnomnom/waybackurls
Fetch all the URLs that the Wayback Machine knows about for a domain
tomnomnom/assetfinder
Find domains and subdomains related to a given domain
rootsecdev/Azure-Red-Team
Azure Security Resources and Notes
noraj/OSCP-Exam-Report-Template-Markdown
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
Orange-Cyberdefense/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
Lucksi/Mr.Holmes
A Complete Osint Tool :mag:
Orange-Cyberdefense/GOAD
game of active directory
Asabeneh/30-Days-Of-JavaScript
30 days of JavaScript programming challenge is a step-by-step guide to learn JavaScript programming language in 30 days. This challenge may take more than 100 days, please just follow your own pace. These videos may help too: https://www.youtube.com/channel/UC7PNRuno1rzYPb1xLa4yktw
ShutdownRepo/targetedKerberoast
Kerberoast with ACL abuse capabilities
BloodHoundAD/BloodHound
Six Degrees of Domain Admin
evilmog/ntlmv1-multi
NTLMv1 Multitool
OWASP/CheatSheetSeries
The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.
RhinoSecurityLabs/Cloud-Security-Research
Cloud-related research releases from the Rhino Security Labs team.
TheRook/subbrute
A DNS meta-query spider that enumerates DNS records, and subdomains.
mirfansulaiman/Command-Mobile-Penetration-Testing-Cheatsheet
Mobile penetration testing android & iOS command cheatsheet