jtomkiel's Stars
kubescape/kubescape
Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
dnSpyEx/dnSpy
Unofficial revival of the well known .NET debugger and assembly editor, dnSpy
RoganDawes/P4wnP1_aloa
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".
ekzhang/rustpad
Efficient and minimal collaborative code editor, self-hosted, no database required
SnaffCon/Snaffler
a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )
elliotchance/c2go
⚖️ A tool for transpiling C to Go.
topotam/PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
sysdream/ligolo
Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/
GhostPack/Certify
Active Directory certificate abuse.
Yaxser/Backstab
A tool to kill antimalware protected processes
facebook/mariana-trench
A security focused static analysis tool for Android and Java applications.
med0x2e/SigFlip
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
cfalta/MicrosoftWontFixList
A list of vulnerabilities or design flaws that Microsoft does not intend to fix. Since the number is growing, I decided to make a list. This list covers only vulnerabilities that came up in July 2021 (and SpoolSample ;-))
tanc7/EXOCET-AV-Evasion
EXOCET - AV-evading, undetectable, payload delivery tool
pwnesia/dnstake
DNSTake — A fast tool to check missing hosted DNS zones that can lead to subdomain takeover
bats3c/ADCSPwn
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
dirkjanm/PKINITtools
Tools for Kerberos PKINIT and relaying to AD CS
knight0x07/ImpulsiveDLLHijack
C# based tool which automates the process of discovering and exploiting DLL Hijacks in target binaries. The Hijacked paths discovered can later be weaponized during Red Team Operations to evade EDR's.
boku7/spawn
Cobalt Strike BOF that spawns a sacrificial process, injects it with shellcode, and executes payload. Built to evade EDR/UserLand hooks by spawning sacrificial process with Arbitrary Code Guard (ACG), BlockDll, and PPID spoofing.
nettitude/RunPE
C# Reflective loader for unmanaged binaries.
APTortellini/unDefender
Killing your preferred antimalware by abusing native symbolic links and NT paths.
RiccardoAncarani/LiquidSnake
LiquidSnake is a tool that allows operators to perform fileless lateral movement using WMI Event Subscriptions and GadgetToJScript
improsec/ImproHound
Identify the attack paths in BloodHound breaking your AD tiering
zer1t0/certi
ADCS abuser
wdahlenburg/interactsh-collaborator
Burpsuite plugin for Interact.sh
xforcered/WFH
mobdk/Upsilon
Upsilon execute shellcode with syscalls - no API like NtProtectVirtualMemory is used
DarkCoderSc/inno-shellcode-example
Run shellcode through InnoSetup code engine.
Flangvik/ADCSPwn
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
PortSwigger/hackbar
HackBar plugin for Burpsuite