mrpinghe's Stars
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
trailofbits/algo
Set up a personal VPN in the cloud
herrbischoff/awesome-macos-command-line
Use your macOS terminal shell to do awesome things.
jpillora/chisel
A fast TCP/UDP tunnel over HTTP
s0md3v/XSStrike
Most advanced XSS scanner.
GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
geerlingguy/mac-dev-playbook
Mac setup and configuration via Ansible.
RsaCtfTool/RsaCtfTool
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
knownsec/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
leebaird/discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
RhinoSecurityLabs/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
decalage2/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.
segmentio/daydream
A chrome extension to record your actions into a nightmare or puppeteer script
rasta-mouse/Sherlock
PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
harleyQu1nn/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
ahertel/Amazon-Fresh-Whole-Foods-delivery-slot-finder
A Mac tool that finds available delivery slots for Amazon's Whole Foods delivery and Amazon Fresh services
rauchg/spot
Tiny file search utility (bash)
hackgnar/ble_ctf
A Bluetooth low energy capture the flag
orangetw/awesome-jenkins-rce-2019
There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
bluscreenofjeff/Malleable-C2-Randomizer
A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls
mandiant/PwnAuth
mitre-attack/tram
Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.
Illuminopi/RCEvil.NET
offdev/zwsp-steg-js
Zero-Width Space Steganography, encodes/decodes hidden messages as non printable/readable characters.
nirajchoubey12/hacking-resources
This will contain notes , techniques and tools used for pentesting