sho-luv's Stars
aapooksman/certmitm
A tool for testing for certificate validation vulnerabilities of TLS connections made by a client device or an application.
dhammon/ai-goat
Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system.
danielmiessler/fabric
fabric is an open-source framework for augmenting humans using AI. It provides a modular framework for solving specific problems using a crowdsourced set of AI prompts that can be used anywhere.
HigherOrderCO/Bend
A massively parallel, high-level programming language
protectai/ai-exploits
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
peass-ng/PEASS-ng
PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
foxlox/GIUDA
Ask a TGS on behalf of another user without password
OmriBaso/BesoToken
A tool to Impersonate logged on users without touching LSASS (Including non-Interactive sessions).
NVIDIA/garak
the LLM vulnerability scanner
utkusen/promptmap
automatically tests prompt injection attacks on ChatGPT instances
nomic-ai/gpt4all
GPT4All: Run Local LLMs on Any Device. Open-source and available for commercial use.
lowlighter/metrics
📊 An infographics generator with 30+ plugins and 300+ options to display stats about your GitHub account and render them as SVG, Markdown, PDF or JSON!
MzHmO/psexec_noinstall
Repository contains psexec, which will help to exploit the forgotten pipe
B34MR/evillyn
An EvilTwin wrapper with quality of life enhancements.
The-Hacker-Recipes/The-Hacker-Recipes
This project is aimed at freely providing technical guides on various hacking topics.
ppeetteerrs/obsidian-zola
A no-brainer solution to turning your Obsidian PKM into a Zola site.
jhicks-r7/autoaclpwn
ly4k/Certipy
Tool for Active Directory Certificate Services enumeration and abuse
liamg/traitor
:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
ssOleg/Useful_code
matterpreter/SHAPESHIFTER
Companion PoC for the "Adventures in Dynamic Evasion" blog post
sc0tfree/mentalist
Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.
fortra/impacket
Impacket is a collection of Python classes for working with network protocols.
google/fuzzing
Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
pumasecurity/serverless-prey
Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions
bettercap/bettercap
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
whid-injector/whid-31337
WHID Elite is a GSM-enabled Open-Source Multi-Purpose Offensive Device that allows a threat actor to remotely inject keystrokes, bypass air-gapped systems, conduct mousejacking attacks, do acoustic surveillance, RF replay attacks and much more. In practice, is THE Wet Dream of any Security Consultant out there!
GabLeRoux/terraform-aws-vpn
🌐 Create a vpn server on AWS in its own vpc using terraform
RhinoSecurityLabs/cloudgoat
CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool