nullarmor's Stars
globocom/secDevLabs
A laboratory for learning secure web and mobile development in a practical manner.
d0nkeys/redteam
Red Team Scripts by d0nkeys (ex SnadoTeam)
kgretzky/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
github/semantic
Parsing, analyzing, and comparing source code across many languages
zeropwn/spyse.py
Python API wrapper and command-line client for the tools hosted on spyse.com.
GTFOBins/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
drk1wi/Modlishka
Modlishka. Reverse Proxy.
0x00-0x00/ShellPop
Pop shells like a master.
s0md3v/nano
Nano is a family of PHP web shells which are code golfed for stealth.
milo2012/ipv4Bypass
Using IPv6 to Bypass Security
Findomain/Findomain
The fastest and complete solution for domain recognition. Supports screenshoting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.
zardus/ctf-tools
Some setup scripts for security research tools.
facebookarchive/WEASEL
DNS covert channel implant for Red Teams.
aas-n/spraykatz
Credentials gathering tool automating remote procdump and parse of lsass process.
mubix/post-exploitation
Post Exploitation Collection
Gallopsled/pwntools-write-ups
A colleciton of CTF write-ups all using pwntools
Escapingbug/awesome-browser-exploit
awesome list of browser exploitation tutorials
lucyoa/kernel-exploits
apsdehal/awesome-ctf
A curated list of CTF frameworks, libraries, resources and softwares
analysis-tools-dev/static-analysis
⚙️ A curated list of static analysis (SAST) tools and linters for all programming languages, config files, build tools, and more. The focus is on tools which improve code quality.
intel/cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
joho/awesome-code-review
An "Awesome" list of code review resources - articles, papers, tools, etc
0v3rride/Simple-PowerShell-HTTP-File-Server
A crude and simple HTTP File Server PowerShell Script
0v3rride/Enum4LinuxPy
Everyone's favorite SMB/SAMBA/CIFS enumeration tool ported over to Python.
GlasgowEmbedded/glasgow
Scots Army Knife for electronics
decoder-it/psgetsystem
getsystem via parent process using ps1 & embeded c#
paralax/awesome-honeypots
an awesome list of honeypot resources
xct/ropstar
Automatic exploit generation for simple linux pwn challenges.
wolfcw/libfaketime
libfaketime modifies the system time for a single application
b4rtik/metasploit-execute-assembly
Custom Metasploit post module to executing a .NET Assembly from Meterpreter session