cnmiller's Stars
djsime1/awesome-flipperzero
🐬 A collection of awesome resources for the Flipper Zero device.
apify/crawlee
Crawlee—A web scraping and browser automation library for Node.js to build reliable crawlers. In JavaScript and TypeScript. Extract data for AI, LLMs, RAG, or GPTs. Download HTML, PDF, JPG, PNG, and other files from websites. Works with Puppeteer, Playwright, Cheerio, JSDOM, and raw HTTP. Both headful and headless mode. With proxy rotation.
BishopFox/sliver
Adversary Emulation Framework
lgandx/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
its-a-feature/Mythic
A collaborative, multi-platform, red teaming framework
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
trustedsec/hate_crack
A tool for automating cracking methodologies through Hashcat from the TrustedSec team.
trickest/wordlists
Real-world infosec wordlists, updated regularly
GhostManager/Ghostwriter
The SpecterOps project management and reporting engine
enzymefinance/oyente
An Analysis Tool for Smart Contracts
xnl-h4ck3r/GAP-Burp-Extension
Burp Extension to find potential endpoints, parameters, and generate a custom target wordlist
xnl-h4ck3r/xnLinkFinder
A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given target
tillson/git-hound
Reconnaissance tool for GitHub code search. Scans for exposed API keys across all of GitHub, not just known repos and orgs.
hausec/PowerZure
PowerShell framework to assess Azure security
login-securite/DonPAPI
Dumping DPAPI credz remotely
mgeeky/RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
chrislockard/api_wordlist
A wordlist of API names for web application assessments
hausec/Bloodhound-Custom-Queries
Custom Query list for the Bloodhound GUI based off my cheatsheet
trickest/resolvers
The most exhaustive list of reliable DNS resolvers.
nullt3r/jfscan
JF⚡can - Super fast port scanning & service discovery using Masscan and Nmap. Scan large networks with Masscan and use Nmap's scripting abilities to discover information about services. Generate report.
mazen160/server-status_PWN
A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
clem9669/hashcat-rule
Rule for hashcat or john. Aiming to crack how people generate their password
redhuntlabs/HTTPLoot
An automated tool which can simultaneously crawl, fill forms, trigger error/debug pages and "loot" secrets out of the client-facing code of sites.
xnl-h4ck3r/urless
De-clutter a list of URLs
trickest/mksub
Generate tens of thousands of subdomain combinations in a matter of seconds
paranoidninja/O365-Doppelganger
A quick handy script to harvest credentials off of a user during a Red Team and get execution of a file from the user
xnl-h4ck3r/knoxnl
This is a python wrapper around the amazing KNOXSS API by Brute Logic
trickest/mkpath
Make URL path combinations using a wordlist
r3s-ost/5head
Network penetration testing toolset wrapper