l00pb4ck's Stars
mzfr/go-gtfo
gtfo, now with the speed of golang
ikatyang/emoji-cheat-sheet
A markdown version emoji cheat sheet
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
dafthack/MailSniper
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
SigmaHQ/sigma
Main Sigma Rule Repository
GhostPack/Rubeus
Trying to tame the three-headed dog.
KDE/audex
Tool for ripping compact discs
mailhog/MailHog
Web and API based SMTP testing
gophish/gophish
Open-Source Phishing Toolkit
mitre/caldera
Automated Adversary Emulation Platform
hfiref0x/UACME
Defeating Windows User Account Control
dafthack/PowerMeta
PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.
lair-framework/lair
Lair is a reactive attack collaboration framework and web application built with meteor.
cytopia/pwncat
pwncat - netcat on steroids with Firewall, IDS/IPS evasion, bind and reverse shell, self-injecting shell and port forwarding magic - and its fully scriptable with Python (PSE)
OlivierLaflamme/Cheatsheet-God
Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet
PacktWorkshops/The-Python-Workshop
A New, Interactive Approach to Learning Python
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
OWASP/OWASP-VWAD
:warning: This repo is no longer in use. Please refer to https://github.com/OWASP/www-project-vulnerable-web-applications-directory
rabobank-cdc/DeTTECT
Detect Tactics, Techniques & Combat Threats
Srinivas11789/PcapXray
:snowflake: PcapXray - A Network Forensics Tool - To visualize a Packet Capture offline as a Network Diagram including device identification, highlight important communication and file extraction
SpecterOps/at-ps
Adversary Tactics - PowerShell Training
nathanlopez/Stitch
Python Remote Administration Tool (RAT)
notasausage/pi-hole-unbound-wireguard
Turning your Raspberry Pi into an ad-blocking VPN with built-in DNS resolution using Pi-Hole, Unbound & WireGuard.
cclabsInc/RFCrack
A Software Defined Radio Attack Tool
byt3bl33d3r/SILENTTRINITY
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
initstring/passphrase-wordlist
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
JoelGMSec/AutoRDPwn
The Shadow Attack Framework
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
p3nt4/MagicCopy
Powershell script to exfiltrate large files quickly and securely
SecWiki/windows-kernel-exploits
windows-kernel-exploits Windows平台提权漏洞集合