Pinned Repositories
ARPER
ARPER is an arp cache poisoning tool, it sends spoofed address resolution protocol messages onto a local area network. It has the ability to arp-poison multiple-host systems.
awesome-threat-intelligence
A curated list of Awesome Threat Intelligence resources
blackhat-arsenal-tools
Official Black Hat Arsenal Security Tools Repository
catphish
CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.
CobaltStrike-ToolKit
Some useful scripts for CobaltStrike
Concierge
Currently: Exploit scripts for HID EVO door controllers--- Future: Exploit framework for Physical Access Control/Monitoring Systems
darktoken
Leveraging OAuth 2.0 to steal organization data for red team operations.
RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques
SENUM
SENUM is a collection of attack/exploit scripts that allows security professionals to automate tasks much faster, so they can focus on something else more important. In the current version, SENUM only has two attack modules: SSLStripping module, and Image Sniffing module.
Weaponry
A collection of tools for every PENTEST engagement
ring0lab's Repositories
ring0lab/catphish
CATPHISH project - For phishing and corporate espionage. Perfect for RED TEAM.
ring0lab/Weaponry
A collection of tools for every PENTEST engagement
ring0lab/darktoken
Leveraging OAuth 2.0 to steal organization data for red team operations.
ring0lab/RedTeam-Tactics-and-Techniques
Red Teaming Tactics and Techniques
ring0lab/Goreport
A Python script to collect campaign data from Gophish and generate a report
ring0lab/lyncsmash
locate and attack Lync/Skype for Business
ring0lab/amass
In-depth subdomain enumeration written in Go
ring0lab/Amass-1
In-depth DNS Enumeration and Network Mapping
ring0lab/checkO365
checkO365 is a tool to check if a target domain is using O365
ring0lab/cmdw
Command line wrapper to support logging start/stop times of executed commands
ring0lab/CPLResourceRunner
Run shellcode from resource
ring0lab/enum4linux
enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts.
ring0lab/evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
ring0lab/EWSToolkit
Setting malicious Outlook configurations through EWS
ring0lab/ExchangeRelayX
An NTLM relay tool to the EWS endpoint for on-premise exchange servers. Provides an OWA for hackers.
ring0lab/LyncSniper
LyncSniper: A tool for penetration testing Skype for Business and Lync deployments
ring0lab/OS-CFDB
Open Source - Common Findings DataBase (JSON & MD)
ring0lab/SafetyKatz
SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader
ring0lab/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
ring0lab/self-morphing-csharp-binary
C# binary that mutates its own code, encrypts and obfuscates itself on runtime
ring0lab/SharpDump
SharpDump is a C# port of PowerSploit's Out-Minidump.ps1 functionality.
ring0lab/SharpRoast
SharpRoast is a C# port of various PowerView's Kerberoasting functionality.
ring0lab/SharpSpray
SharpSpray a simple code set to perform a password spraying attack against all users of a domain using LDAP and is compatible with Cobaltstrike.
ring0lab/SharpUp
SharpUp is a C# port of various PowerUp functionality.
ring0lab/SharpWMI
SharpWMI is a C# implementation of various WMI functionality.
ring0lab/SMBetray
SMB MiTM tool with a focus on attacking clients through file content swapping, lnk swapping, as well as compromising any data passed over the wire in cleartext.
ring0lab/TikiTorch
Process Hollowing
ring0lab/Tokenvator
A tool to elevate privilege with Windows Tokens
ring0lab/Tunable-SSL-Validator
A .Net class and PowerShell module to enable best practices for SSL validation even with self-signed certificates.
ring0lab/WheresMyImplant
A Bring Your Own Land Toolkit that Doubles as a WMI Provider