benpratt's Stars
smicallef/spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
librespeed/speedtest
Self-hosted Speed Test for HTML5 and more. Easy setup, examples, configurable, mobile friendly. Supports PHP, Node, Multiple servers, and more
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
aboul3la/Sublist3r
Fast subdomains enumeration tool for penetration testers
GreyDGL/PentestGPT
A GPT-empowered penetration testing tool
infobyte/faraday
Open Source Vulnerability Management Platform
guelfoweb/knock
Knock Subdomain Scan
scipag/vulscan
Advanced vulnerability scanning with Nmap NSE
vulnersCom/nmap-vulners
NSE script based on Vulners.com API
mitre-attack/attack-navigator
Web app that provides basic navigation and annotation of ATT&CK matrices
digininja/CeWL
CeWL is a Custom Word List Generator
ustayready/fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
dafthack/MFASweep
A tool for checking if MFA is enabled on multiple Microsoft Services
blacklanternsecurity/TREVORspray
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
insidetrust/statistically-likely-usernames
Wordlists for creating statistically likely username lists for use in password attacks and security testing
dafthack/MSOLSpray
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
leoloobeek/LAPSToolkit
Tool to audit and attack LAPS environments
ine-labs/AzureGoat
AzureGoat : A Damn Vulnerable Azure Infrastructure
iknowjason/PurpleCloud
A little tool to play with Azure Identity - Azure Active Directory lab creation tool
rfidtool/ESP-RFID-Tool
A tool for logging data/testing devices with a Wiegand Interface. Can be used to create a portable RFID reader or installed directly into an existing installation. Provides access to a web based interface using WiFi in AP or Client mode. Will work with nearly all devices that contain a standard 5V Wiegand interface. Primary target group is 26-37bit HID Cards. Similar to the Tastic RFID Thief, Blekey, and ESPKey.
MarkoH17/Spray365
Spray365 makes spraying Microsoft accounts (Office 365 / Azure AD) easy through its customizable two-step password spraying approach. The built-in execution plan features options that attempt to bypass Azure Smart Lockout and insecure conditional access policies.
leoloobeek/COMProxy
PoC for proxying COM objects when hijacking
leafcloudhq/echoip
IP address lookup service
p3hndrx/B-B-Shuffle
Dashboard for conducting Backdoors and Breaches sessions over Zoom.
ImpostorKeanu/BruteLoops
Protocol agnostic online password guessing API.
alex14324/Turbolist3r
eNBeWe/Safe-Autodialer
RiverGumSecurity/PythonReferenceSheet
ad0nis/tools
Operational toolset utilizing git's submodule feature