shamus-mcnuggets

shamus-mcnuggets's Stars

• mitre/caldera

  Automated Adversary Emulation Platform

  Language:Python5.8k1.1k

• redcanaryco/atomic-red-team

  Small and highly portable detection tests based on MITRE's ATT&CK.

  Language:C10k2.8k

• joshzelonis/attack-eval-scoring

  This was code for analyzing round 1 of the MITRE Enterprise ATT&CK Evaluation. Please check out https://github.com/joshzelonis/EnterpriseAPT29Eval for round 2 information.

  Language:Python9519

• steverobbins/magescan

  Scan a Magento site for information

  Language:PHP441110

• Marantral/netCON

  Network enumeration and reconnaissance tool

  Language:Python4

• drk1wi/Modlishka

  Modlishka. Reverse Proxy.

  Language:Go4.9k885

• kgretzky/evilginx2

  Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

  Language:Go11.4k2k

• ustayready/fireprox

  AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation

  Language:Python1.9k275

• dafthack/MSOLSpray

  A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.

  Language:PowerShell924172

• trufflesecurity/trufflehog

  Find, verify, and analyze leaked credentials

  Language:Go17.7k1.7k

• michenriksen/gitrob

  Reconnaissance tool for GitHub organizations

  Language:Go6k831

• gitleaks/gitleaks

  Find secrets with Gitleaks 🔑

  Language:Go18.3k1.5k

• eth0izzle/shhgit

  Ah shhgit! Find secrets in your code. Secrets detection for your GitHub, GitLab and Bitbucket repositories.

  Language:JavaScript3.9k482

• dafthack/PowerMeta

  PowerMeta searches for publicly available files hosted on various websites for a particular domain by using specially crafted Google, and Bing searches. It then allows for the download of those files from the target domain. After retrieving the files, the metadata associated with them can be analyzed by PowerMeta. Some interesting things commonly found in metadata are usernames, domains, software titles, and computer names.

  Language:PowerShell547116

• oldrho/ip2provider

  Resolves an IP address to the cloud provider it is hosted on

  Language:Python9217

• butlerx/wetty

  Terminal in browser over http/https. (Ajaxterm/Anyterm alternative, but much better)

  Language:TypeScript4.4k680

• Marantral/aMALgamous

  Shell and Pen-testing Tool

  Language:PowerShell165