ch1jske1's Stars
grimlockx/ADCSKiller
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
ihebski/DefaultCreds-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
S3cur3Th1sSh1t/SharpNamedPipePTH
Pass the Hash to a named pipe for token Impersonation
Anteste/WebMap
A Python tool used to automate the execution of the following tools : Nmap , Nikto and Dirsearch but also to automate the report generation during a Web Penetration Testing
davidprowe/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
HarmJ0y/CheatSheets
Cheat sheets for various projects.
BloodHoundAD/SharpHound2
The Old BloodHound C# Ingestor (Deprecated)
CompassSecurity/BloodHoundQueries
byt3bl33d3r/OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
BishopFox/sliver
Adversary Emulation Framework
six2dez/OneListForAll
Rockyou for web fuzzing
initstring/passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
nil0x42/duplicut
Remove duplicates from MASSIVE wordlist, without sorting it (for dictionary-based password cracking)
atredispartners/flamingo
Flamingo captures credentials sprayed across the network by various IT and security products.
Flangvik/SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
dirkjanm/mitm6
pwning IPv4 via IPv6
tijldeneut/Security
General Security Scripts
infosecn1nja/MaliciousMacroMSBuild
Generates Malicious Macro and Execute Powershell or Shellcode via MSBuild Application Whitelisting Bypass.
Orange-Cyberdefense/arsenal
Arsenal is just a quick inventory and launcher for hacking programs
FSecureLABS/SharpGPOAbuse
SharpGPOAbuse is a .NET application written in C# that can be used to take advantage of a user's edit rights on a Group Policy Object (GPO) in order to compromise the objects that are controlled by that GPO.
BankSecurity/Red_Team
Some scripts useful for red team activities
systeminsecure/Documents
m4l1c3/kali-setup
setup script for a fresh kali install
odedshimon/BruteShark
Network Analysis Tool
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
Integration-IT/Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
shelld3v/JSshell
JSshell - JavaScript reverse/remote shell
allanlw/svg-cheatsheet
A cheatsheet for exploiting server-side SVG processors.
payloadbox/xss-payload-list
🎯 Cross Site Scripting ( XSS ) Vulnerability Payload List
login-securite/lsassy
Extract credentials from lsass remotely