carnal0wnage
twitter: @carnal0wnage talks: http://www.slideshare.net/chrisgates blog: http://carnal0wnage.attackresearch.com/
carnal0wnage's Stars
liamg/traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
progrium/macdriver
Native Mac APIs for Go. Soon to be renamed DarwinKit!
optiv/ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
NetSPI/MicroBurst
A collection of scripts for assessing Microsoft Azure security
1ndianl33t/Bug-Bounty-Roadmaps
Bug Bounty Roadmaps
WithSecureLabs/C3
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
corneliusweig/rakkess
Review Access - kubectl plugin to show an access matrix for k8s server resources
alphasoc/flightsim
A utility to safely generate malicious network traffic patterns and evaluate controls.
cyberark/kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in Golang, focused on containerized environments.
0xthirteen/SharpRDP
Remote Desktop Protocol .NET Console Application for Authenticated Command Execution
Aetsu/OffensivePipeline
OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
Accenture/jenkins-attack-framework
JamesCooteUK/SharpSphere
.NET Project for Attacking vCenter
aufzayed/bugbounty
Bugbounty Resources
mitre-attack/attack-arsenal
A collection of red team and adversary emulation resources developed and released by MITRE.
chrissanders/packets
Packet Captures
facebookincubator/TTPForge
The TTPForge is a Cybersecurity Framework for developing, automating, and executing attacker Tactics, Techniques, and Procedures (TTPs).
sbousseaden/PCAP-ATTACK
PCAP Samples for Different Post Exploitation Techniques
initstring/uptux
Linux privilege escalation checks (systemd, dbus, socket fun, etc)
we45/ThreatPlaybook
A unified DevSecOps Framework that allows you to go from iterative, collaborative Threat Modeling to Application Security Test Orchestration
cldrn/macphish
Office for Mac Macro Payload Generator
detectify/vulnerable-nginx
An intentionally vulnerable NGINX setup
oliverwiegers/pentest_lab
Local penetration testing lab using docker-compose.
3xpl01tc0d3r/Callidus
ashirt-ops/ashirt-server
Adversary Simulators High-Fidelity Intelligence and Reporting Toolkit
rvrsh3ll/SharpExcel4-DCOM
Port of Invoke-Excel4DCOM
malware-unicorn/macho_shellcode_extractor
extracts shellcode from a nasm compile macho binary
PwnDexter/FindFrontableDomains
Forked and updated with some additional features over the original
pandazheng/DylibHijack
python utilities related to dylib hijacking on OS X