gitcomrade's Stars
yampelo/beagle
Beagle is an incident response and digital forensics tool which transforms security logs and data into graphs.
dan-v/awslambdaproxy
An AWS Lambda powered HTTP/SOCKS web proxy
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
bluscreenofjeff/Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
RhinoSecurityLabs/GCPBucketBrute
A script to enumerate Google Storage buckets, determine what access you have to them, and determine if they can be privilege escalated.
Oros42/IMSI-catcher
This program show you IMSI numbers of cellphones around you.
ctxis/beemka
Basic Electron Exploitation
sysdream/chashell
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Dliv3/Venom
Venom - A Multi-hop Proxy for Penetration Testers
clr2of8/CookieCrimesJS
A cross-platform one-liner to steal a user's cookies from Chrome <- cool
pownjs/recon
A powerful target reconnaissance framework powered by graph theory.
proxycannon/proxycannon-ng
A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWHF 2018 security conference
cryptag/leapchat
Ephemeral, encrypted, in-browser chat rooms
cryptocat/cryptocat
Secure chat software for your computer.
its-a-feature/Mythic
A collaborative, multi-platform, red teaming framework
depthsecurity/armory
Armory is a tool meant to take in a lot of external and discovery data from a lot of tools, add it to a database and correlate all of related information.
cobbr/Covenant
Covenant is a collaborative .NET C2 framework for red teamers.
outflanknl/RedELK
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
ufrisk/MemProcFS
MemProcFS
CHEF-KOCH/Online-Privacy-Test-Resource-List
Privacy Online Test and Resource Compendium (POTARC) 🕵🏻
firehol/blocklist-ipsets
ipsets dynamically updated with firehol's update-ipsets.sh script
asciinema/asciinema
Terminal session recorder 📹
TypeError/domained
Multi Tool Subdomain Enumeration
assafmo/xioc
Extract indicators of compromise from text, including "escaped" ones.
drk1wi/Modlishka
Modlishka. Reverse Proxy.
infosecn1nja/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
bl4de/dictionaries
Misc dictionaries for directory/file enumeration, username enumeration, password dictionary/bruteforce attacks
sud0woodo/DCOMrade
Powershell script for enumerating vulnerable DCOM Applications
Kevin-Robertson/Powermad
PowerShell MachineAccountQuota and DNS exploit tools
GhostManager/DomainCheck
DomainCheck is designed to assist operators with monitoring changes related to their domain names. This includes negative changes in categorization, VirusTotal detections, and appearances on malware blacklists. DomainCheck currently works only with NameCheap.