felajan's Stars
RustScan/RustScan
🤖 The Modern Port Scanner 🤖
mandiant/flare-floss
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
gquere/pwn_jenkins
Notes about attacking Jenkins servers
volatilityfoundation/volatility3
Volatility 3.0 development
webfp/tor-browser-selenium
Tor Browser automation with Selenium.
MunGell/awesome-for-beginners
A list of awesome beginners-friendly projects.
mozilla/geckodriver
WebDriver for Firefox
pentestmonkey/windows-privesc-check
Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems
fingerprintjs/fingerprintjs
The most advanced browser fingerprinting library.
Askannz/msi-perkeyrgb
Linux CLI tool to control per-key RGB lighting on MSI laptops.
jhaddix/tbhm
The Bug Hunters Methodology
kgretzky/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
rebootuser/LinEnum
Scripted Local Linux Enumeration & Privilege Escalation Checks
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
libfuse/sshfs
A network filesystem client to connect to SSH servers
OJ/gobuster
Directory/File, DNS and VHost busting tool written in Go
tennc/webshell
This is a webshell open source project
epinna/tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
frohoff/ysoserial
A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
foospidy/payloads
Git All the Payloads! A collection of web attack payloads.
RetireJS/retire.js
scanner detecting the use of JavaScript libraries with known vulnerabilities. Can also generate an SBOM of the libraries it finds.
RhinoSecurityLabs/Security-Research
Exploits written by the Rhino Security Labs team
HatBashBR/HatCloud
discontinued
hashcat/hashcat
World's fastest and most advanced password recovery utility
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
beefproject/beef
The Browser Exploitation Framework Project
epsylon/xsser
Cross Site "Scripter" (aka XSSer) is an automatic -framework- to detect, exploit and report XSS vulnerabilities in web-based applications.
trustedsec/social-engineer-toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.