e0x70i's Stars
owasp-amass/amass
In-depth attack surface mapping and asset discovery
OWASP/owasp-mastg
The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).
mandiant/flare-vm
A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.
michenriksen/aquatone
A Tool for Domain Flyovers
ticarpi/jwt_tool
:snake: A toolkit for testing, tweaking and cracking JSON Web Tokens
mwilliamson/mammoth.js
Convert Word documents (.docx files) to HTML
blacklanternsecurity/bbot
A recursive internet scanner for hackers.
TheWover/donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
gquere/pwn_jenkins
Notes about attacking Jenkins servers
GhostManager/Ghostwriter
The SpecterOps project management and reporting engine
mykter/afl-training
Exercises to learn how to fuzz with American Fuzzy Lop
login-securite/DonPAPI
Dumping DPAPI credz remotely
redcanaryco/mac-monitor
Red Canary Mac Monitor is an advanced, stand-alone system monitoring tool tailor-made for macOS security research. Beginning with Endpoint Security (ES), it collects and enriches system events, displaying them graphically, with an expansive feature set designed to reduce noise.
clr2of8/DPAT
Domain Password Audit Tool for Pentesters
0xthirteen/MoveKit
Cobalt Strike kit for Lateral Movement
l0ss/Grouper2
Find vulnerabilities in AD Group Policy
s0md3v/goop
Google Search Scraper
nilotpalbiswas/Auto-Root-Exploit
Auto Root Exploit Tool
byt3bl33d3r/OffensiveDLR
Toolbox containing research notes & PoC code for weaponizing .NET's DLR
0xthirteen/StayKit
Cobalt Strike kit for Persistence
tevora-threat/Scout
Surveillance Detection Scout: Your Lookout on Autopilot
dlenski/gp-saml-gui
Interactively authenticate to GlobalProtect VPNs that require SAML
zeroSteiner/crimson-forge
Sustainable shellcode evasion
Rhynorater/Okta-Password-Sprayer
This script is a multi-threaded Okta password sprayer.
daddycocoaman/IronPentest
Collection of IronPython scripts and executables for penetration testing
dev-2null/ADIDNSRecords
Alternative C# Implementation tool to retrieve Active Directory Integrated DNS records with IP addresses
denniskniep/GQLRaider
GQL Burp Extension
tevora-threat/c2_reporter
Ingests logs/dbs from cobalt and empire and outputs an excel report with activity, sessions, and credentials
salesforce/lightning-burp
Saritasa/html_docx