A collection of useful GitHub projects loosely categorised. I may end up adding non-GitHub projects + KB-style links for topics.
- ODAT Oracle Database Attack Tool:
- clusterd framework, attacking JBoss, CF, WebLogic, Tomcat, Railo, Axis2, Glassfish:
- JexBoss - JBoss verify and EXploitation Tool:
- The Backdoor Factory Proxy (BDFProxy):
- impacket:
- CrackMapExec Windows/Active Directory swiss army knife:
- commix:
- beef-drive, BeEF framework with WebRTC:
- VirtuaPlant Industrial Control Systems simulator:
- Responder, LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication:
- WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections:
- Potato, NTLM relay PrivEsc:
- jdwp-shellifier (Java Debug Wire Protocol):
- foxglovesec JavaUnserializeExploits:
- KeeFarce, extraction of KeePass 2.x password database information from memory:
- Wolves Among the Sheep, MD5 hash collision:
- TDL (Turla Driver Loader). Driver loader for bypassing Windows x64 Driver Signature Enforcement:
- PowerSploit - A PowerShell Post-Exploitation Framework:
- PowerShellArsenal, PowerShell Module Dedicated to Reverse Engineering:
- PowerShell - Live disk forensics platform:
- PowerMemory:
- Inveigh, LLMNR/NBNS spoofer/man-in-the-middle tool:
- Tater, PowerShell implementation of Hot Potato PrivEsc:
- PowerShell to CodeExecution and ProcessInjection:
- p0wnedShell, PowerShell Runspace Post Exploitation Toolkit:
- OutlookPersistence:
- CTF-Workshop:
- ctf-tools:
- pwntools, CTF framework used by Gallopsled:
- Awesome CTF, tool list:
- binjitsu:
- 32/64 bit Intel shellcode for CTF style exploitation:
- preeny, payloads for binary patching:
- Eh'Trace (pronounced ATrace) is a binary tracing tool for Windows:
- flare-ida, IDA Pro scripts and plugins by the FireEye FLARE team:
- Qira, timeless debugger:
- Binary Ninja Python:
- radare2:
- Triton dynamic binary analysis framework:
- angr binary analysis framework:
- Capstone disassembly/disassembler framework:
- Snowman Decompiler:
- Pin unpacking and anti-evasion:
- tesseract-ocr:
- xortool, analyze multi-byte xor cipher:
- flare-floss, FireEye Obfuscated String Solver:
- FernFlower Java decompiler:
- dnSpy, .NET assembly editor, decompiler, and debugger:
- JPEXS Free Flash Decompiler:
- Robust ABC (ActionScript Bytecode) [Dis-]Assembler (RABCDAsm):
- CTF write-ups by PPP:
- CTFs -> CTF write-ups:
- Modern Binary Exploitation RPISEC:
- HeXA CTF Platform:
- CTFd:
- Christmas-CTF:
- CTF scoreboard:
- GRR Rapid Response:
- Viper, Binary analysis framework:
- yara:
- Course materials for Malware Analysis by RPISEC (2015):
- APTnotes, various public documents, whitepapers and articles about APT campaigns:
- HellKitty-In-VC Ring3 Rootkit:
- PowerWorm, PowerShell-based malware:
- Anti Sandbox and Anti Virtual Machine Tool:
- JSDetox, JavaScript deobfuscation:
- CapTipper, analyze, explore and revive HTTP malicious traffic: