mrpinghe's Stars
ine-labs/AWSGoat
AWSGoat : A Damn Vulnerable AWS Infrastructure
nirajchoubey12/hacking-resources
This will contain notes , techniques and tools used for pentesting
ahertel/Amazon-Fresh-Whole-Foods-delivery-slot-finder
A Mac tool that finds available delivery slots for Amazon's Whole Foods delivery and Amazon Fresh services
mitre-attack/tram
Threat Report ATT&CK™ Mapping (TRAM) is a tool to aid analyst in mapping finished reports to ATT&CK.
herrbischoff/awesome-macos-command-line
Use your macOS terminal shell to do awesome things.
LOLBAS-Project/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
orangetw/awesome-jenkins-rce-2019
There is no pre-auth RCE in Jenkins since May 2017, but this is the one!
Illuminopi/RCEvil.NET
knownsec/pocsuite3
pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.
mandiant/PwnAuth
trailofbits/algo
Set up a personal VPN in the cloud
geerlingguy/mac-dev-playbook
Mac setup and configuration via Ansible.
trimstray/the-book-of-secret-knowledge
A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more.
leebaird/discover
Custom bash scripts used to automate various penetration testing tasks including recon, scanning, enumeration, and malicious payload creation using Metasploit. For use with Kali Linux.
s0md3v/XSStrike
Most advanced XSS scanner.
RhinoSecurityLabs/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool
hackgnar/ble_ctf
A Bluetooth low energy capture the flag
rauchg/spot
Tiny file search utility (bash)
harleyQu1nn/AggressorScripts
Collection of Aggressor scripts for Cobalt Strike 3.0+ pulled from multiple sources
bluscreenofjeff/Malleable-C2-Randomizer
A script to randomize Cobalt Strike Malleable C2 profiles and reduce the chances of flagging signature-based detection controls
segmentio/daydream
A chrome extension to record your actions into a nightmare or puppeteer script
fuzzdb-project/fuzzdb
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
danielmiessler/SecLists
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.
RsaCtfTool/RsaCtfTool
RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data
offdev/zwsp-steg-js
Zero-Width Space Steganography, encodes/decodes hidden messages as non printable/readable characters.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
jpillora/chisel
A fast TCP/UDP tunnel over HTTP
rasta-mouse/Sherlock
PowerShell script to quickly find missing software patches for local privilege escalation vulnerabilities.
decalage2/oletools
oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.