gitcomrade's Stars
djsime1/awesome-flipperzero
🐬 A collection of awesome resources for the Flipper Zero device.
ffuf/ffuf
Fast web fuzzer written in Go
BishopFox/sliver
Adversary Emulation Framework
BishopFox/unredacter
Never ever ever use pixelation as a redaction technique
yogeshojha/rengine
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.
zmap/zmap
ZMap is a fast single packet network scanner designed for Internet-wide network surveys.
Bo0oM/fuzz.txt
Potentially dangerous files
mrd0x/BITB
Browser In The Browser (BITB) Templates
optiv/Freeze
Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods
spyboy-productions/CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
Flangvik/TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
ksharinarayanan/SSRFire
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
mgeeky/RedWarden
Cobalt Strike C2 Reverse proxy that fends off Blue Teams, AVs, EDRs, scanners through packet inspection and malleable profile correlation
JoelGMSec/EvilnoVNC
Ready to go Phishing Platform
t4d/StalkPhish
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
SpecterOps/Nemesis
An offensive data enrichment pipeline
drb-ra/C2IntelFeeds
Automatically created C2 Feeds
mbrg/power-pwn
An offensive and defensive security toolset for Microsoft 365 Power Platform
tls-attacker/TLS-Scanner
The TLS-Scanner Module from TLS-Attacker
Tw1sm/RITM
Roast in the Middle
reveng007/SharpGmailC2
Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol
misterch0c/what_is_this_c2
For all these times you're asking yourself "what is this panel again?"
c6fc/warcannon
High speed/Low cost CommonCrawl RegExp in Node.js
ACE-Responder/RogueSliver
A suite of tools to disrupt campaigns using the Sliver C2 framework.
PortSwigger/dastardly-github-action
Runs a scan using Dastardly by Burp Suite against a target site and creates a JUnit XML report for the scan on completion.
righel/gitlab-version-nse
Nmap script to guess* a GitLab version.
vmware-labs/attack-surface-framework
Tool to discover external and internal network attack surface
stanford-esrg/lzr
LZR quickly detects and fingerprints unexpected services running on unexpected ports.
ZephrFish/F5-CVE-2022-1388-Exploit
Exploit and Check Script for CVE 2022-1388
netskopeoss/phish_oauth
POC code to explore phishing attacks using OAuth 2.0 authorization flows, such as the device authorization grant.