gymR4T

gymR4T's Stars

• evilsocket/legba

  A multiprotocol credentials bruteforcer / password sprayer and enumerator. 🥷

  Language:Rust1.5k86

• vulncheck-oss/cisco-ios-xe-implant-scanner

  A go-exploit to scan for implanted Cisco IOS XE Systems

  Language:Go405

• hoodoer/JS-Tap

  JavaScript payload and supporting software to be used as XSS payload or post exploitation implant to monitor users as they use the targeted application. Also includes a C2 for executing custom JavaScript payloads in clients, and a "mimic" feature that automatically generates custom payloads.

  Language:JavaScript34836

• dafthack/GraphRunner

  A Post-exploitation Toolset for Interacting with the Microsoft Graph API

  Language:PowerShell1k113

• Raz0r/aemscan

  Adobe Experience Manager Vulnerability Scanner

  Language:Python18251

• 0ang3el/aem-hacker

  Language:Python782167

• apache/superset

  Apache Superset is a Data Visualization and Data Exploration Platform

  Language:TypeScript63.8k14.2k

• synacktiv/nord-stream

  Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab.

  Language:Python26616

• aaron-costello/ServiceNow-Schema

  A shortlist of core ServiceNow tables.

  141

• OffcierCia/non-typical-OSINT-guide

  The most unusual OSINT guide you've ever seen. The repository is intended for bored professionals only. PRs are welcome!

  1.1k91

• freelawproject/courts-db

  A database of courts, tests and other experiments

  Language:Python6317

• usdAG/FlowMate

  FlowMate, a BurpSuite extension that brings taint analysis to web applications, by tracking all parameters send to a target application and matches their occurrences in the responses.

  Language:Java1579

• bsysop/servicenow

  ServiceNow widge-simple-list misconfiguration scanner

  Language:Python6232

• olafhartong/DefenderHarvester

  Expose a lot of MDE telemetry that is not easily accessible in any searchable form

  Language:Go1025

• kiwids0220/deviceCode2WinHello

  A small script that automates Entra ID persistence with Windows Hello For Business key

  Language:Python494

• Onapsis/onapsis_icmad_scanner

  Language:Python4523

• qtc-de/rpv-web

  rpv-web is a browser based frontend for the rpv library

  Language:Vue25

• qtc-de/rpv

  rpv is a v library for analyzing RPC servers and interfaces on the Windows operating system

  Language:V33

• icyguider/LatLoader

  PoC module to demonstrate automated lateral movement with the Havoc C2 framework.

  Language:C++27933

• wbenny/KSOCKET

  KSOCKET provides a very basic example how to make a network connections in the Windows Driver by using WSK

  Language:C481130

• omnivore-app/omnivore

  Omnivore is a complete, open source read-it-later solution for people who like reading.

  Language:TypeScript14.2k1.1k

• connormcgarr/EATGuard

  Implementation of an export address table protection mitigation, like Export Address Filtering (EAF)

  Language:C++9520

• sidaf/moonshine

  Language:C++6812

• Mazars-Tech/AD_Miner

  AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses

  Language:JavaScript1.2k120

• Chocapikk/CVE-2023-29357

  Microsoft SharePoint Server Elevation of Privilege Vulnerability

  Language:Python23031

• M01N-Team/HeaderLessPE

  Language:C23831

• blacklanternsecurity/public-dns-servers

  A CI/CD-verified list of the internet's known-good public DNS servers (from public-dns.info) Updated weekly!

  Language:Python233

• codewhitesec/daphne

  Proof-of-Concept to evade auditd by tampering via ptrace

  Language:C163

• codewhitesec/apollon

  Proof-of-Concept to evade auditd by writing /proc/PID/mem

  Language:C207

• redskal/SharpAzbelt

  .NET port of Leron Gray's azbelt tool.

  Language:C#267