mlinton's Stars
s0md3v/XSStrike
Most advanced XSS scanner.
ins1gn1a/Pwdlyser-CLI
Python-based CLI Password Analyser (Reporting Tool)
almandin/fuxploider
File upload vulnerability scanner and exploitation tool.
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
rvrsh3ll/FindFrontableDomains
Search for potential frontable domains
rvrsh3ll/Misc-Powershell-Scripts
Random Tools
FSecureLABS/Azurite
Enumeration and reconnaissance activities in the Microsoft Azure Cloud.
nccgroup/ssh_user_enum
SSH User Enumeration Script in Python Using The Timing Attack
jhaddix/tbhm
The Bug Hunters Methodology
trailofbits/algo
Set up a personal VPN in the cloud
hdm/mac-ages
MAC address age tracking
Gilks/hostscan-bypass
Generate OpenConnect CSD files to bypass Cisco AnyConnect hostscan requirements
AlessandroZ/BeRoot
Privilege Escalation Project - Windows / Linux / Mac
lanjelot/patator
Patator is a multi-purpose brute-forcer, with a modular design and a flexible usage.
dflabs/NAT
No-Script Automation Tool
Ice3man543/SubOver
A Powerful Subdomain Takeover Tool
0x00-0x00/ShellPop
Pop shells like a master.
D4Vinci/Cr3dOv3r
Know the dangers of credential reuse attacks.
m8sec/nullinux
Internal penetration testing tool for Linux that can be used to enumerate OS information, domain information, shares, directories, and users through SMB.
ohpe/juicy-potato
A sugared version of RottenPotatoNG, with a bit of juice, i.e. another Local Privilege Escalation tool, from a Windows Service Accounts to NT AUTHORITY\SYSTEM.
m8sec/pymeta
Utility to download and extract document metadata from an organization. This technique can be used to identify: domains, usernames, software/version numbers and naming conventions.
fridgehead/Powershell-SSHTools
A bunch of useful SSH tools for powershell
utkusen/firstorder
A traffic analyzer to evade Empire's communication from Anomaly-Based IDS
Tuhinshubhra/CMSeeK
CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs
archerysec/archerysec
ASOC, ASPM, DevSecOps, Vulnerability Management Using ArcherySec.
silentsignal/wpc-ps
Windows Privesc Check - PowerShell
MindPointGroup/cloudfrunt
A tool for identifying misconfigured CloudFront domains
dirkjanm/ldapdomaindump
Active Directory information dumper via LDAP
Mr-Un1k0d3r/ThunderShell
Python / C# Unmanaged PowerShell based RAT
activecm/rita-legacy
Real Intelligence Threat Analytics (RITA) is a framework for detecting command and control communication through network traffic analysis.