e0x70i

e0x70i's Stars

• owasp-amass/amass

  In-depth attack surface mapping and asset discovery

  Language:Go11.9k2106481.9k

• OWASP/owasp-mastg

  The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

  Language:Python11.7k4231.1k2.3k

• mandiant/flare-vm

  A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

  Language:PowerShell6.4k199508904

• michenriksen/aquatone

  A Tool for Domain Flyovers

  Language:Go5.6k1360873

• ticarpi/jwt_tool

  :snake: A toolkit for testing, tweaking and cracking JSON Web Tokens

  Language:Python5.3k6478668

• mwilliamson/mammoth.js

  Convert Word documents (.docx files) to HTML

  Language:JavaScript4.9k71355536

• blacklanternsecurity/bbot

  A recursive internet scanner for hackers.

  Language:Python4.6k37815411

• TheWover/donut

  Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

  Language:C3.5k78104628

• gquere/pwn_jenkins

  Notes about attacking Jenkins servers

  Language:Python1.9k462321

• GhostManager/Ghostwriter

  The SpecterOps project management and reporting engine

  Language:Python1.3k29265181

• mykter/afl-training

  Exercises to learn how to fuzz with American Fuzzy Lop

  Language:C1.2k3119195

• login-securite/DonPAPI

  Dumping DPAPI credz remotely

  Language:Python9471931112

• redcanaryco/mac-monitor

  Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.

  Language:Swift915303144

• clr2of8/DPAT

  Domain Password Audit Tool for Pentesters

  Language:Python8944912154

• 0xthirteen/MoveKit

  Cobalt Strike kit for Lateral Movement

  Language:C#641181106

• l0ss/Grouper2

  Find vulnerabilities in AD Group Policy

  641209384

• s0md3v/goop

  Google Search Scraper

  Language:Python565216105

• nilotpalbiswas/Auto-Root-Exploit

  Auto Root Exploit Tool

  Language:Shell528292162

• byt3bl33d3r/OffensiveDLR

  Toolbox containing research notes & PoC code for weaponizing .NET's DLR

  Language:PowerShell512251112

• 0xthirteen/StayKit

  Cobalt Strike kit for Persistence

  46216274

• tevora-threat/Scout

  Surveillance Detection Scout: Your Lookout on Autopilot

  Language:Vue368592558

• dlenski/gp-saml-gui

  Interactively authenticate to GlobalProtect VPNs that require SAML

  Language:Python29786667

• zeroSteiner/crimson-forge

  Sustainable shellcode evasion

  Language:Python106449

• Rhynorater/Okta-Password-Sprayer

  This script is a multi-threaded Okta password sprayer.

  Language:Python672016

• daddycocoaman/IronPentest

  Collection of IronPython scripts and executables for penetration testing

  Language:Python55309

• dev-2null/ADIDNSRecords

  Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses

  Language:C#48005

• denniskniep/GQLRaider

  GQL Burp Extension

  Language:Java215414

• tevora-threat/c2_reporter

  Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials

  Language:Python20403

• salesforce/lightning-burp

  Language:Java10507

• Saritasa/html_docx

  Language:Python1301