Syrkadian's Stars
CyberSecurityUP/OSCE3-Complete-Guide
OSWE, OSEP, OSED, OSEE
GhostManager/Ghostwriter
The SpecterOps project management and reporting engine
ProfessionallyEvil/bloodhound-elementary
Command line tool for analyzing .json files generated by bloodhound.py or sharphound for use in Bloodhound.
pwnlandia/mhn
Modern Honey Network
activecm/BeaKer
Beacon Kibana Executable Report. Aggregates Sysmon Network Events With Elasticsearch and Kibana
citronneur/pamspy
Credentials Dumper for Linux using eBPF
kraken-ng/Kraken
Kraken, a modular multi-language webshell coded by @secu_x11
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
python-poetry/poetry
Python packaging and dependency management made easy
vectra-ai-research/MAAD-AF
MAAD Attack Framework - An attack tool for simple, fast & effective security testing of M365 & Entra ID (Azure AD).
TCM-Course-Resources/Open-Source-Intellingence-Resources
Compilation of Resources from TCM's OSINT Course
JPCERTCC/LogonTracer
Investigate malicious Windows logon by visualizing and analyzing Windows event log
sans-blue-team/DeepBlueCLI
Octoberfest7/MemFiles
A CobaltStrike toolkit to write files produced by Beacon to memory instead of disk
six2dez/reconftw
reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities
sc1341/InstagramOSINT
An Instagram Open Source Intelligence Tool - Archive
SecurityRiskAdvisors/indexes
Test case indexes
RhinoSecurityLabs/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
blackarrowsec/redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team
jpillora/chisel
A fast TCP/UDP tunnel over HTTP
RhinoSecurityLabs/pacu
The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.
drk1wi/Modlishka
Modlishka. Reverse Proxy.
interference-security/nessus_parser
Nessus Parser
dafthack/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
dafthack/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
PlumHound/PlumHound
Bloodhound Reporting for Blue and Purple Teams
AppliedPurpleTeaming/APT-PreReqs
Applied Purple Teaming Course Pre-Requisites
rvrsh3ll/FindFrontableDomains
Search for potential frontable domains