robvinson's Stars
NetSPI/silkwasm
HTML Smuggling with Web Assembly
iddoeldor/frida-snippets
Hand-crafted Frida examples
Dr-TSNG/Hide-My-Applist
An Xposed module to intercept applist detections
d07RiV/devilution
Diablo devolved - magic behind the 1996 computer game
mandiant/Ghidrathon
The FLARE team's open-source extension to add Python 3 scripting to Ghidra.
assetnote/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
nxenon/h2spacex
HTTP/2 Single Packet Attack low Level Library / Tool based on Scapy + Exploit Timing Attacks
sw33tLie/bbscope
Scope gathering tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!
BishopFox/h2csmuggler
HTTP Request Smuggling over HTTP/2 Cleartext (h2c)
robiot/rustcat
Rustcat (rcat) - The modern Port listener and Reverse shell
zidansec/CloudPeler
CrimeFlare is a useful tool for bypassing websites protected by CloudFlare WAF. With this tool you can easily see the real IP of websites that have been protected by CloudFlare. The resulting information is certainly very useful for conducting further penetration testing and analyzing websites with the same server.
blevesearch/bleve
A modern text/numeric/geo-spatial/vector indexing library for Go
RicoSuter/VisualJsonEditor
A JSON schema based file editor for Windows.
BC-SECURITY/Moriarty
Moriarty is designed to enumerate missing KBs, detect various vulnerabilities, and suggest potential exploits for Privilege Escalation in Windows environments.
4ra1n/java-gate
Java JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
EvanMcBroom/lsa-whisperer
Tools for interacting with authentication packages using their individual message protocols
osmedeus/osmedeus-workflow
Community Workflow for the Osmedeus Engine that describes basic reconnaissance methodology for you to build your own
osmedeus/osmedeus-base
Build your own reconnaissance system with Osmedeus Next Generation
SpecterOps/Nemesis
An offensive data enrichment pipeline
secureworks/aristotle
xairy/raw-gadget
USB Raw Gadget — a low-level interface for the Linux USB Gadget subsystem
redballoonsecurity/ofrak
OFRAK: unpack, modify, and repack binaries.
riramar/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
jaeles-project/jaeles
The Swiss Army knife for automated Web Application Testing
google/atheris
Azure/PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open access automation framework to empower security professionals and machine learning engineers to proactively find risks in their generative AI systems.
yandex/gixy
Nginx configuration static analyzer
AutomatedLab/AutomatedLab
AutomatedLab is a provisioning solution and framework that lets you deploy complex labs on HyperV and Azure with simple PowerShell scripts. It supports all Windows operating systems from 2008 R2 to 2022, some Linux distributions and various products like AD, Exchange, PKI, IIS, etc.
moloch--/MitmFuzzer
A fuzzing script for MitmProxy