rkotlarz-zz's Stars
SpiderLabs/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
CredDefense/CredDefense
Credential and Red Teaming Defense for Windows Environments
RedSiege/Just-Metadata
Just-Metadata is a tool that gathers and analyzes metadata about IP addresses. It attempts to find relationships between systems within a large dataset.
RedSiege/WMIOps
This repo is for WMIOps, a powershell script which uses WMI for various purposes across a network.
ChrisTruncer/PenTestScripts
Scripts that are useful for me on pen tests
RedSiege/Egress-Assess
Egress-Assess is a tool used to test egress data detection capabilities
RedSiege/EyeWitness
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
dafthack/EmailAddressMangler
This module mangles two lists of names together to generate a list of potential email addresses or usernames. It can also be used to simply combine a list of full names in the format (firstname lastname) into either email addresses or usernames.
dafthack/PowerWebShot
A PowerShell tool for taking screenshots of multiple web servers quickly.
dafthack/HostRecon
This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.
dafthack/DomainPasswordSpray
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!
dafthack/PowerMeta
PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.
itext/itextsharp
[DEPRECATED] .NET port of the iText library, only security fixes will be added — please use iText for .NET
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
microsoft/BaselineManagement
Conversion tool used to Convert Group Policy baselines into DSC
microsoft/DSCEA
DSC Environment Analyzer (DSCEA) is a simple implementation of PowerShell Desired State Configuration that uses the declarative nature of DSC to scan systems in an environment against a defined reference MOF file and generate compliance reports as to whether systems match the desired configuration.
mitre/mitre.github.io
Open Source software from The MITRE Corporation
mitre/vulnerable-mobile-apps
Vulnerator/Vulnerator
The official distribution of the vulnerability parsing utility.
OVALProject/Language
The OVAL Language Schemas
OVALProject/Test-Content
A set of OVAL Definitions that provides a simple way to test the capability of OVAL Definition Evaluators.
OVALProject/ovalproject.github.io
OVAL Documentation