shamo0's Stars
cisagov/ScubaGoggles
SCuBA Secure Configuration Baselines and assessment tool for Google Workspace
cisagov/ScubaGear
Automation to assess the state of your M365 tenant against CISA's baselines
vulhub/vulhub
Pre-Built Vulnerable Environments Based on Docker-Compose
techspence/ScriptSentry
ScriptSentry finds misconfigured and dangerous logon scripts.
TrimarcJake/Locksmith
A small tool built to find and fix common misconfigurations in Active Directory Certificate Services.
netwrix/pingcastle
PingCastle - Get Active Directory Security at 80% in 20% of the time
hak5/pineapple-modules
The Official WiFi Pineapple Module Repository for the WiFi Pineapple Mark VII
CVEProject/cvelist
Pilot program for CVE submission through GitHub. CVE Record Submission via Pilot PRs ending 6/30/2023
hackertarget/nmap-did-what
Nmap Dashboard Mini Project
CBHue/nMap_Merger
Merge multiple nMap xml files into one
S3N4T0R-0X0/BEAR
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine.
NetSPI/gcpwn
Enumeration/exploit/analysis/download/etc pentesting framework for GCP; modeled like Pacu for AWS; a product of numerous hours via @WebbinRoot
ustayready/fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
assetnote/nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
americo/sqlifinder
SQL Injection Vulnerability Scanner made with Python
insidetrust/statistically-likely-usernames
Wordlists for creating statistically likely username lists for use in password attacks and security testing
sensity-ai/dot
The Deepfake Offensive Toolkit
Azure/PyRIT
The Python Risk Identification Tool for generative AI (PyRIT) is an open source framework built to empower security professionals and engineers to proactively identify risks in generative AI systems.
JoelGMSec/Invoke-Stealth
Simple & Powerful PowerShell Script Obfuscator
danielmiessler/fabric
fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
netrunnersrun/byteheist
Simple exfiltration web app deployed via Terraform on Google Cloud Platform.
lord-alfred/ipranges
🔨 List all IP ranges from: Google (Cloud & GoogleBot), Bing (Bingbot), Amazon (AWS), Microsoft, Oracle (Cloud), GitHub, Facebook (Meta), OpenAI (GPTBot) and other with daily updates.
g0ldencybersec/CloudRecon
emadshanab/Acomplete-guide-to-dir-brute-force-admin-panel-and-API-endpoints
emadshanab/Nuclei-Templates-Collection
Nuclei Templates Collection
ShutdownRepo/smartbrute
Password spraying and bruteforcing tool for Active Directory Domain Services
0x6d69636b/windows_hardening
HardeningKitty and Windows Hardening Settings
AFLplusplus/AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
strongcourage/fuzzing-corpus
My fuzzing corpus