ackmoon-one's Stars
Mayyhem/Maestro
Abusing Intune for Lateral Movement over C2
Angels-Ray/UnpackMiniApp
UnpackMiniApp小程序解密备份
skelsec/pypykatz
Mimikatz implementation in pure Python
OWASP/Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
murat-exp/EDR-Antivirus-Bypass-to-Gain-Shell-Access
EDR & Antivirus Bypass to Gain Shell Access
7etsuo/windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
superbrothers/opener
Open URL in your local web browser from the SSH-connected remote environment.
dafthack/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
HadessCS/Red-team-Interview-Questions
Red team Interview Questions
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
EvilBytecode/GoRedOps
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
intigriti/misconfig-mapper
Misconfig Mapper is a fast tool to help you uncover security misconfigurations on popular third-party services used by your company and/or bug bounty targets!
v1s1t0r1sh3r3/airgeddon
This is a multi-use bash script for Linux systems to audit wireless networks.
HernanRodriguez1/SharpBruteForceSSH
pr0xylife/Latrodectus
S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
MattKeeley/Spoofy
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records.
login-securite/lsassy
Extract credentials from lsass remotely
reveng007/DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
imran-parray/Mind-Maps
Mind-Maps of Several Things
indetectables-net/toolkit
The essential toolkit for reversing, malware analysis, and cracking
marcosValle/awesome-windows-red-team
A curated list of awesome Windows frameworks, libraries, software and resources for Red Teams
Cracked5pider/Stardust
A modern 64-bit position independent implant template
Psmths/windows-forensic-artifacts
Handbook of windows forensic artifacts across multiple Windows version with interpretation tips and some examples. Work in progress!
narfindustries/http-garden
Differential fuzzing REPL for HTTP implementations.
RedSiege/Jigsaw
Hide shellcode by shuffling bytes into a random array and reconstruct at runtime
Lu3ky13/Bypass-Reset-Password-Code-Lead-to-Account-Takeover
Bypass Reset Password Code Lead to Account Takeover
h4x0r-dz/CVE-2024-3400
CVE-2024-3400 Palo Alto OS Command Injection
6abd/horus
An OSINT / digital forensics tool built in Python
puzzlepeaches/ffufw