syscl0ck's Stars
advanced-threat-research/GhidraScripts
Scripts to run within Ghidra, maintained by the Trellix ARC team
ImpostorKeanu/parsuite
Simple parser framework.
microsoft/dev-tunnels-ssh
SSH library for dev-tunnels
lkarlslund/ldapnomnom
Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)
knavesec/CredMaster
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
dylanaraps/neofetch
🖼️ A command-line system information tool written in bash 3.2+
FalconForceTeam/FalconHound
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
sans-blue-team/DeepBlueCLI
alephdata/aleph
Search and browse documents and data; find the people and companies you look for.
dafthack/GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
dirkjanm/PKINITtools
Tools for Kerberos PKINIT and relaying to AD CS
okbob/pspg
Unix pager (with very rich functionality) designed for work with tables. Designed for PostgreSQL, but MySQL is supported too. Works well with pgcli too. Can be used as CSV or TSV viewer too. It supports searching, selecting rows, columns, or block and export selected area to clipboard.
LuemmelSec/PMP-Decrypter
droe/sslsplit
Transparent SSL/TLS interception
microsoft/dev-tunnels
Dev Tunnels SDK
lgandx/PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
shellster/LDAPPER
LDAP Querying without the Suck
cybersecurityworks553/spring4shell-exploit
chompie1337/SIGRed_RCE_PoC
davidprowe/BadBlood
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.
projectdiscovery/nuclei
Nuclei is a fast, customizable vulnerability scanner powered by the global security community and built on a simple YAML-based DSL, enabling collaboration to tackle trending vulnerabilities on the internet. It helps you find vulnerabilities in your applications, APIs, networks, DNS, and cloud configurations.
r0oth3x49/ghauri
An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws
vladko312/SSTImap
Automatic SSTI detection tool with interactive interface
juliocesarfort/public-pentesting-reports
A list of public penetration test reports published by several consulting firms and academic security groups.
SAP/python-pyodata
Enterprise-ready Python OData client
fkhadra/react-toastify
React notification made easy 🚀 !
MobSF/Mobile-Security-Framework-MobSF
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.