Pinned Repositories
API-Security-Checklist
Checklist of the most important security countermeasures when designing, testing, and releasing your API
eko15
Material utilizado en el Workshop de Red Teaming en el 2019 para la edicion 15 de la Eko
ekoparty2015
Material utilizado en los Workshops de Ekoparty 2015
h8mail
Email OSINT and password breach hunting. Use h8mail to find passwords through different breach and reconnaissance services, or the infamous Breached Compilation torrent
LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
Open-SecTraining
Scripts usados en los entrenamientos de Open-Sec - Publicos y modificados o creados por el Core Team de Open-Sec.
OSEH
Open-Sec Ethical Hacker
Pentesting
RedTeaming
Open-Sec's Repositories
Open-Sec/Convoluted-Phishing-Payload-CPP
Batch file code for the convoluted phishing payload blog post at www.acenyethehackerguy.com
Open-Sec/SintinePowerOutlook
Malicious (Meterpreter) Add-in for Outlook
Open-Sec/DEFCON26
Open-Sec/evilginx
PLEASE USE NEW VERSION: https://github.com/kgretzky/evilginx2
Open-Sec/sleepy-puppy
Sleepy Puppy XSS Payload Management Framework
Open-Sec/rtfm
A database of common, interesting or useful commands, in one handy referable form
Open-Sec/mimipenguin
A tool to dump the login password from the current linux user
Open-Sec/BeRoot
Privilege Escalation Project - Windows / Linux / Mac
Open-Sec/odat
ODAT: Oracle Database Attacking Tool
Open-Sec/ekoparty2015
Material utilizado en los Workshops de Ekoparty 2015
Open-Sec/domained
Subdomain Enumeration
Open-Sec/punch-q
👊A small utility to play with IBM MQ
Open-Sec/dirsearch
Web path scanner
Open-Sec/Robber
Robber is open source tool for finding executables prone to DLL hijacking
Open-Sec/weirdAAL
WeirdAAL (AWS Attack Library)
Open-Sec/WinPwnage
💻 Elevate, UAC bypass, persistence, privilege escalation, dll hijack techniques
Open-Sec/Bad-Pdf
Steal NTLM Hashes with Bad-PDF
Open-Sec/UACME
Defeating Windows User Account Control
Open-Sec/snallygaster
Tool to scan for secret files on HTTP servers
Open-Sec/GatherContacts
A Burp Suite Extension to pull Employee Names from Google and Bing LinkedIn Search Results
Open-Sec/Security-Research
Exploits written by the Rhino Security Labs team
Open-Sec/bug-bounty-reference
Inspired by https://github.com/djadmin/awesome-bug-bounty, a list of bug bounty write-up that is categorized by the bug nature
Open-Sec/workshop_mobile
Ta
Open-Sec/CACTUSTORCH
CACTUSTORCH: Payload Generation for Adversary Simulations
Open-Sec/Sublist3r
Fast subdomains enumeration tool for penetration testers
Open-Sec/JShell
JShell - Get a JavaScript shell with XSS.
Open-Sec/nodejssecurity
Documentation for Essential Node.js Security
Open-Sec/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
Open-Sec/Office-DDE-Payloads
Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.
Open-Sec/MS17-010
MS17-010