dzflack

dzflack's Stars

• ant-design/ant-design

  An enterprise-class UI design language and React UI library

  Language:TypeScript93.9k24231k51.4k

• juliocesarfort/public-pentesting-reports

  A list of public penetration test reports published by several consulting firms and academic security groups.

  Language:HTML8.7k501182k

• majd/ipatool

  Command-line tool that allows searching and downloading app packages (known as ipa files) from the iOS App Store

  Language:Go6.4k57233543

• ropnop/kerbrute

  A tool to perform Kerberos pre-auth bruteforcing

  Language:Go2.8k2441432

• dafthack/CloudPentestCheatsheets

  This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

  2.6k1031524

• dirkjanm/ROADtools

  A collection of Azure AD/Entra tools for offensive and defensive security purposes

  Language:Python2.1k4767291

• saljam/webwormhole

  Peer authenticated WebRTC.

  Language:Go1.8k277293

• mandatoryprogrammer/xsshunter-express

  An easy-to-setup version of XSS Hunter. Sets up in five minutes and requires no maintenance!

  Language:JavaScript1.8k1026349

• Azure/Stormspotter

  Azure Red Team tool for graphing Azure and Azure Active Directory objects

  Language:Python1.6k5530203

• m8sec/CrossLinked

  LinkedIn enumeration tool to extract valid employee names from an organization through search engine scraping

  Language:Python1.3k2918183

• mgeeky/RedWarden

  Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation

  Language:Python9522021143

• xuanxuan0/DripLoader

  Evasive shellcode loader for bypassing event-based injection detection (PoC)

  Language:C++748152123

• CCob/BOF.NET

  A .NET Runtime for Cobalt Strike's Beacon Object Files

  Language:C698176103

• cfalta/adsec

  An introduction to Active Directory security

  Language:PowerShell64224387

• threatexpress/cs2modrewrite

  Convert Cobalt Strike profiles to modrewrite scripts

  Language:Python592204115

• ajpc500/BOFs

  Collection of Beacon Object Files

  Language:C572181113

• vysecurity/DomainFrontingLists

  A list of Domain Frontable Domains by CDN

  56929399

• cvilsmeier/sqinn-go

  Golang SQLite without cgo

  Language:Go4425816

• xforcered/InvisibilityCloak

  Proof-of-concept obfuscation toolkit for C# post-exploitation tools

  Language:Python4173075

• GoSecure/pywsus

  Standalone implementation of a part of the WSUS spec. Built for offensive security purposes.

  Language:Python303281044

• byt3bl33d3r/pyMalleableC2

  Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.

  Language:Python27214230

• ramen0x3f/AggressorScripts

  Language:Python27219149

• outflanknl/FindObjects-BOF

  A Cobalt Strike Beacon Object File (BOF) project which uses direct system calls to enumerate processes for specific loaded modules or process handles.

  Language:C26717047

• EncodeGroup/UAC-SilentClean

  New UAC bypass for Silent Cleanup for CobaltStrike

  Language:C#1919130

• NetSPI/DAFT

  DAFT: Database Audit Framework & Toolkit

  Language:C#1788246

• G0ldenGunSec/SharpTransactedLoad

  Load .net assemblies from memory while having them appear to be loaded from an on-disk location.

  Language:C#1633024

• mdsecactivebreach/SharpPack

  An Insider Threat Toolkit

  Language:Batchfile1496034

• MartinIngesen/MSOLSpray

  A Python implementation of dafthack's MSOLSpray. A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

  Language:Python873217

• RiccardoAncarani/bloodhound-playbook

  Reproducible and extensible BloodHound playbooks

  Language:Python42307

• fly-apps/smokescreen

  An example of deploying Smokescreen on Fly.io

  Language:Go40505