tfmarques23's Stars
sniper199/BlackDragon
An Adavnced Automation Tool For Web-Recon Developed For Linux Systems
shreyaschavhan/oscp-pre-preparation-plan-and-notes
My OSCP Pre-Preparation Phase. I'm not sure if I'll be able to afford the exam but what count's trying and learning things. I'm gonna give it a try. [Start Date: 21st March 2022]
0xsyr0/OSCP
OSCP Cheat Sheet
OpenCTI-Platform/opencti
Open Cyber Threat Intelligence Platform
1N3/BruteX
Automatically brute force all services running on a target.
tenable/poc
Proof of Concepts
PunitTailor55/WebMap
Nmap Web Dashboard and Reporting
MarkoH17/EmailSecCheck
EmailSecCheck is a lightweight Python utility used to check for common SPF/DMARC misconfigurations that may allow for email spoofing.
byt3bl33d3r/ItWasAllADream
A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE
byt3bl33d3r/log4j-scan
A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228
byt3bl33d3r/WitnessMe
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
byt3bl33d3r/SprayingToolkit
Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient
byt3bl33d3r/BloodHound-Tools
Miscellaneous tools for BloodHound
byt3bl33d3r/msldap
LDAP library for auditing MS AD
byt3bl33d3r/DeathStar
Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Directory environments using some of the most common offensive TTPs.
byt3bl33d3r/OffensiveNim
My experiments in weaponizing Nim (https://nim-lang.org/)
BC-SECURITY/Empire
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
hakivvi/proxylogon
RCE exploit for Microsoft Exchange Server (CVE-2021-26855).
RickGeex/ProxyLogon
ProxyLogon is the formally generic name for CVE-2021-26855, a vulnerability on Microsoft Exchange Server that allows an attacker bypassing the authentication and impersonating as the admin. We have also chained this bug with another post-auth arbitrary-file-write vulnerability, CVE-2021-27065, to get code execution.
Greenwolf/ntlm_theft
A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)
guelfoweb/knock
Knock Subdomain Scan
Kudaes/Dumpy
Reuse open handles to dynamically dump LSASS.
OffensivePython/Saddam
DDoS Amplification Tool
skavngr/rapidscan
:new: The Multi-Tool Web Vulnerability Scanner.
random-robbie/bruteforce-lists
Some files for bruteforcing certain things.
enenumxela/subdomains.sh
A wrapper around tools used for subdomain enumeration, to automate the workflow, on a given domain, written in bash.
RistBS/Awesome-RedTeam-Cheatsheet
Red Team Cheatsheet in constant expansion.
atinfosec/eJPT-Cheatsheet
login-securite/lsassy
Extract credentials from lsass remotely
theyoge/AD-Pentesting-Tools
All about Active Directory pentesting