strupo's Stars
daniestevez/gr-satellites
GNU Radio decoder for Amateur satellites
RedSiege/Egress-Assess
Egress-Assess is a tool used to test egress data detection capabilities
RedSiege/C2concealer
C2concealer is a command line tool that generates randomized C2 malleable profiles for use in Cobalt Strike.
sevagas/macro_pack
macro_pack is a tool by @EmericNasi used to automatize obfuscation and generation of Office documents, VB scripts, shortcuts, and other formats for pentest, demo, and social engineering assessments. The goal of macro_pack is to simplify exploitation, antimalware bypass, and automatize the process from malicious macro and script generation to final document generation. It also provides a lot of helpful features useful for redteam or security research.
nccgroup/SocksOverRDP
Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
dirkjanm/ROADtools
A collection of Azure AD/Entra tools for offensive and defensive security purposes
kgretzky/pwndrop
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
0xZDH/BridgeKeeper
Scrape, Hunt, and Transform names and usernames
0xC01DF00D/Collabfiltrator
Exfiltrate blind remote code execution output over DNS via Burp Collaborator.
timbo05sec/Tools-n-Stuff
getgauge/taiko
A node.js library for testing modern web applications
Raikia/UhOh365
A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is unthrottled, and is incredibly useful for social engineering assessments to find which emails exist and which don't.
galkan/crowbar
Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.
g0tmi1k/debian-ssh
Debian OpenSSL Predictable PRNG (CVE-2008-0166)
atucom/dotfiles
0xZDH/o365spray
Username enumeration and password spraying tool aimed at Microsoft O365.
ernw/nmap-parse-output
Converts/manipulates/extracts data from a Nmap scan output.
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
TH3xACE/SUDO_KILLER
A tool designed to exploit a privilege escalation vulnerability in the sudo program on Unix-like systems. It takes advantage of a specific misconfiguration or flaw in sudo to gain elevated privileges on the system, essentially allowing a regular user to execute commands as the root user.
danielbohannon/Invoke-Obfuscation
PowerShell Obfuscator
danielbohannon/Invoke-CradleCrafter
PowerShell Remote Download Cradle Generator & Obfuscator
mIcHyAmRaNe/okadminfinder
[ Admin panel finder / Admin Login Page Finder ] ¢σ∂є∂ ву 👻 (❤-❤) 👻
DominicBreuker/pspy
Monitor linux processes without root permissions
rsmudge/Malleable-C2-Profiles
Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.
GhostPack/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
ropnop/kerbrute
A tool to perform Kerberos pre-auth bruteforcing
GreatSCT/GreatSCT
The project is called Great SCT (Great Scott). Great SCT is an open source project to generate application white list bypasses. This tool is intended for BOTH red and blue team.
rsmudge/ElevateKit
The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.
trustedsec/nps_payload
This script will generate payloads for basic intrusion detection avoidance. It utilizes publicly demonstrated techniques from several different sources. Written by Larry Spohn (@Spoonman1091) Payload written by Ben Mauch (@Ben0xA) aka dirty_ben
HunnicCyber/SharpSniper
Find specific users in active directory via their username and logon IP address