Tom-H-

Tom-H-'s Stars

• hackerscrolls/SecurityTips

  990167

• wireghoul/graudit

  grep rough audit - source code auditing tool

  Language:Shell1.5k244

• andrewjkerr/security-cheatsheets

  🔒 A collection of cheatsheets for various infosec tools and topics.

  1.3k530

• enjoiz/XXEinjector

  Tool for automatic exploitation of XXE vulnerability using direct and different out of band methods.

  Language:Ruby1.5k313

• snoopysecurity/awesome-burp-extensions

  A curated list of amazingly awesome Burp Extensions

  3k593

• P4T12ICK/Sigma-Hunting-App

  A Splunk App containing Sigma detection rules, which can be updated from a Git repository.

  Language:Python10722

• olafhartong/ThreatHunting

  A Splunk app mapped to MITRE ATT&CK to guide your threat hunts

  1.1k179

• arkime/arkime

  Arkime is an open source, large scale, full packet capturing, indexing, and database system.

  Language:JavaScript6.3k1k

• NationalSecurityAgency/ghidra

  Ghidra is a software reverse engineering (SRE) framework

  Language:Java52.1k5.9k

• cs01/pyxtermjs

  A fully functional terminal in your browser.

  Language:Python36595

• FreeRADIUS/freeradius-server

  FreeRADIUS - A multi-protocol policy server.

  Language:C2.1k1.1k

• netwrix/pingcastle

  PingCastle - Get Active Directory Security at 80% in 20% of the time

  Language:C#2.4k292

• GostCryptTeam/gostcrypt

  Open-source Virtual Disk Encryption Software

  Language:C++5

• jivoi/awesome-osint

  :scream: A curated list of amazingly awesome OSINT

  19.2k2.8k

• sonertari/SSLproxy

  Transparent SSL/TLS proxy for decrypting and diverting network traffic to other programs, such as UTM services, for deep SSL inspection

  Language:C389102

• yeyintminthuhtut/Awesome-Red-Teaming

  List of Awesome Red Teaming Resources

  6.9k1.7k

• phaag/nfdump

  Netflow processing tools

  Language:C790206

• MISP/misp-training

  MISP trainings, threat intel and information sharing training materials with source code

  Language:TeX39086

• infosecn1nja/AD-Attack-Defense

  Attack and defend active directory using modern post exploitation adversary tradecraft activity

  4.4k1k

• PaulSec/awesome-windows-domain-hardening

  A curated list of awesome Security Hardening techniques for Windows.

  1.8k265

• danielmiessler/SecLists

  SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

  Language:PHP58.9k24k

• swisskyrepo/PayloadsAllTheThings

  A list of useful payloads and bypass for Web Application Security and Pentest/CTF

  Language:Python61.6k14.7k

• w181496/Web-CTF-Cheatsheet

  Web CTF CheatSheet 🐈

  Language:Ruby2.7k550

• bluscreenofjeff/Red-Team-Infrastructure-Wiki

  Wiki to collect Red Team infrastructure hardening resources

  4.2k903

• infosecn1nja/Red-Teaming-Toolkit

  This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

  9.1k2.2k

• SySS-Research/Seth

  Perform a MitM attack and extract clear text credentials from RDP connections

  Language:Python1.4k321

• vulnersCom/nmap-vulners

  NSE script based on Vulners.com API

  Language:Lua3.2k547

• kahun/awesome-sysadmin

  A curated list of amazingly awesome open source sysadmin resources inspired by Awesome PHP.

  23.8k2.9k

• trimstray/the-book-of-secret-knowledge

  A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.

  150k9.6k

• gentilkiwi/mimikatz

  A little tool to play with Windows security

  Language:C19.5k3.7k