asvprael's Stars
josevcm/nfc-laboratory
NFC signal and protocol analyzer using SDR receiver
m3n0sd0n4ld/uDork
uDork is a script written in Bash Scripting that uses advanced Google search techniques to obtain sensitive information in files or directories, find IoT devices, detect versions of web applications, and so on.
m3n0sd0n4ld/GooFuzz
GooFuzz is a tool to perform fuzzing with an OSINT approach, managing to enumerate directories, files, subdomains or parameters without leaving evidence on the target's server and by means of advanced Google searches (Google Dorking).
rf-peixoto/kain
eml metadata parser.
NUL0x4C/EtwSessionHijacking
A Poc on blocking Procmon from monitoring network events
daem0nc0re/TangledWinExec
PoCs and tools for investigation of Windows process execution techniques
malienist/lupo
Lupo - Malware IOC Extractor. Debugging module for Malware Analysis Automation
dievus/lnkbomb
Malicious shortcut generator for collecting NTLM hashes from insecure file shares.
Johnng007/Live-Forensicator
A suite of Tools to aid Incidence Response and Live Forensics for - Windows (Powershell) | Linux (Bash) | MacOS (Shell)
davidprowe/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
ustayready/fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
spacehuhn/ArduinoPcap
A library for creating and sending .pcap files for Wireshark and other programms.
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
last-byte/PersistenceSniper
Powershell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte
p0dalirius/Awesome-RCE-techniques
Awesome list of step by step techniques to achieve Remote Code Execution on various apps!
t3l3machus/hoaxshell
A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.
rootm0s/Injectors
💉 DLL/Shellcode injection techniques
rootm0s/WinPwnage
UAC bypass, Elevate, Persistence methods
diversenok/TokenUniverse
An advanced tool for working with access tokens and Windows security policy.
visma-prodsec/columbo
Columbo is a computer forensic analysis tool used to simplify and identify specific patterns in compromised datasets.
visma-prodsec/confused
Tool to check for dependency confusion vulnerabilities in multiple package management systems
d4rckh/grc2
grim reaper c2
JavierOlmedo/shodan-filters
A list of shodan filters
Fahrj/reverse-ssh
Statically-linked ssh server with reverse shell functionality for CTFs and such
ahhh/Reverse_SSH_Shell
A reverse ssh shell written in python, intended for penetration testers to use as a covert channel on windows
daniellowrie/update_script
Fileless "malware" that bypasses Windows Defender using PowerShell and obfuscation
byt3bl33d3r/OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
witnessmenow/TweESP32
And Twitter API library for the ESP32 that can tweet
m3rcer/Chisel-Strike
A .NET XOR encrypted cobalt strike aggressor implementation for chisel to utilize faster proxy and advanced socks5 capabilities.
t3l3machus/toxssin
An XSS exploitation command-line interface and payload generator.