rainbowspec's Stars
alex/what-happens-when
An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"
rancher/rancher
Complete container management platform
Gallopsled/pwntools
CTF framework and exploit development library
redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
lockfale/OSINT-Framework
OSINT Framework
LordNoteworthy/al-khaser
Public malware techniques used in the wild: Virtual Machine, Emulation, Debuggers, Sandbox detection.
commixproject/commix
Automated All-in-One OS Command Injection Exploitation Tool.
khast3x/h8mail
Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email
trustedsec/unicorn
Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.
gwen001/pentest-tools
A collection of custom security tools for quick needs.
rewardone/OSCPRepo
A list of commands, scripts, resources, and more that I have gathered and attempted to consolidate for use as OSCP (and more) study material. Commands in 'Usefulcommands' Keepnote. Bookmarks and reading material in 'BookmarkList' CherryTree. Reconscan Py2 and Py3. Custom ISO building.
hmgle/graftcp
A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
dafthack/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
lucasjacks0n/EggShell
iOS/macOS/Linux Remote Administration Tool
trimstray/iptables-essentials
Iptables Essentials: Common Firewall Rules and Commands.
oetiker/SmokePing
The Active Monitoring System
nccgroup/redsnarf
RedSnarf is a pen-testing / red-teaming tool for Windows environments
RestCheatSheet/api-cheat-sheet
API Design Guidelines and Best Practices Cheat Sheet
vysecurity/RedTips
Red Team Tips as posted by @vysecurity on Twitter
hash3liZer/WiFiBroot
A Wireless (WPA/WPA2) Pentest/Cracking tool. Captures & Crack 4-way handshake and PMKID key. Also, supports a deauthentication/jammer mode for stress testing
Coalfire-Research/Red-Baron
Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.
gaulliath/operative-framework
operative framework is a rust investigation OSINT framework, you can interact with multiple targets, execute multiple modules, create links with target, export rapport to PDF file, add note to target or results, interact with RESTFul API, write your own modules.
emilyanncr/Windows-Post-Exploitation
Windows post-exploitation tools, resources, techniques and commands to use during post-exploitation phase of penetration test. Contributions are appreciated. Enjoy!
quickbreach/SMBetray
SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.
franccesco/getaltname
Extract subdomains from SSL certificates in HTTPS sites.
dave-theunsub/clamtk
An easy to use, light-weight, on-demand virus scanner for Linux systems
linuz/Sticky-Keys-Slayer
Scans for accessibility tools backdoors via RDP
0x36/VPNPivot
Explore the network using VPNPivot tool
infosec-au/enumXFF
Enumerating IPs in X-Forwarded-Headers to bypass 403 restrictions
Damian89/xssfinder
Toolset for detecting reflected xss in websites