msimon96's Stars
logangoins/Cable
.NET post-exploitation toolkit for Active Directory reconnaissance and exploitation
mazen160/server-status_PWN
A script that monitors and extracts requested URLs and clients connected to the service by exploiting publicly accessible Apache server-status instances.
Octoberfest7/Secure_Stager
An x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution
scs-labrat/windows-theme-attack
This project demonstrates an attack that leverages Windows theme files (`.theme`) in conjunction with NTLM credential capture and steganography.
anonymous300502/Nuke-AMSI
NukeAMSI is a powerful tool designed to neutralize the Antimalware Scan Interface (AMSI) in Windows environments.
outflanknl/C2-Tool-Collection
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
safedv/RustVEHSyscalls
Rust port of LayeredSyscall, designed to perform indirect syscalls while generating legitimate API call stack frames by abusing Vectored Exception Handling (VEH) to bypass user-land EDR hooks in Windows.
netero1010/EDRSilencer
A tool that uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.
streaak/keyhacks
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
Zarcolio/sitedorks
Search Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection.
Aegrah/PANIX
Customizable Linux Persistence Tool for Security Research and Detection Engineering.
safedv/Rustic64
64-bit, position-independent implant template for Windows in Rust.
improsec/ImproHound
Identify the attack paths in BloodHound breaking your AD tiering
safedv/RustiveDump
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, and remote file transmission.
j3ssie/osmedeus
A Workflow Engine for Offensive Security
CyberSecurityUP/OSCE3-Complete-Guide
OSWE, OSEP, OSED, OSEE
CyberSecurityUP/EDR-Assessment
This repository contains comprehensive testing designed for evaluating the performance and resilience of Endpoint Detection and Response (EDR) systems
tsale/EDR-Telemetry
This project aims to compare and evaluate the telemetry of various EDR products.
cpu0x00/Ghost
Evasive shellcode loader
St3v3nsS/MMSF
Massive Mobile Security Framework
TeneBrae93/xss-cookie-stealer
Simple Python script that will set up a PHP server for stealing cookies and provide the payload needed.
prasadpanchbhai/CertifiedAppsecPractitioner
Since the SecOps Group has offered free certification to Certified Appsec Practitioner I will be creating notes here. I will be working on the Certified Appsec Practitioner.
blink-zero/kali-2024.1-preseed
This repository contains a preseed configuration file for automated installation of Kali Linux.
badsectorlabs/sccm-http-looter
Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)
0xEr3bus/RdpStrike
Position Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP.
a7t0fwa7/DllDragon
A simple to use single-include Windows API resolver
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
AdrianVollmer/PowerHub
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
stivenhacker/EchoStrike
Deploy reverse shells and perform stealthy process injection with EchoStrike – a Go-based tool for ethical hacking and Red Team operations.
Malfrats/xeuledoc
Fetch information about a public Google document.