Pinned Repositories
A-Red-Teamer-diaries
RedTeam/Pentest notes and experiments tested on several infrastructures related to professional engagements.
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
ADCSPwn
A tool to escalate privileges in an active directory network by coercing authenticate from machine accounts and relaying to the certificate service.
ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
aquatone
A Tool for Domain Flyovers
awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
WinPwn
Automation for internal Windows Penetrationtest / AD-Security
therealsun's Repositories
therealsun/AD-Attack-Defense
Attack and defend active directory using modern post exploitation adversary tradecraft activity
therealsun/ADRecon
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
therealsun/awesome-hacker-search-engines
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more
therealsun/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
therealsun/Awesome-Redteam
一个攻防知识仓库 Red Teaming and Offensive Security
therealsun/bettercap
The Swiss Army knife for 802.11, BLE, HID, CAN-bus, IPv4 and IPv6 networks reconnaissance and MITM attacks.
therealsun/cheatsheets
Collection of knowledge about information security
therealsun/evil-winrm
The ultimate WinRM shell for hacking/pentesting
therealsun/ezXSS
ezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.
therealsun/GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
therealsun/GTFONow
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
therealsun/Hacker-Roadmap
A detailed plan to achieve proficiency in hacking and penetration testing, with pathways including obtaining a degree in cybersecurity or earning relevant certifications.
therealsun/Havoc
The Havoc Framework
therealsun/knock
Knock Subdomain Scan
therealsun/LaZagne
Credentials recovery project
therealsun/LOLBAS
Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
therealsun/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
therealsun/NetExec
The Network Execution Tool
therealsun/power-pwn
An offensive security toolset for Microsoft 365 focused on Microsoft Copilot, Copilot Studio and Power Platform
therealsun/pypykatz
Mimikatz implementation in pure Python
therealsun/pywhisker
Python version of the C# tool for "Shadow Credentials" attacks
therealsun/Scanners-Box
A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑
therealsun/sherlock
Hunt down social media accounts by username across social networks
therealsun/sliver
Adversary Emulation Framework
therealsun/social-engineer-toolkit
The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.
therealsun/targetedKerberoast
Kerberoast with ACL abuse capabilities
therealsun/The-Hacker-Recipes
This project is aimed at freely providing technical guides on various hacking topics.
therealsun/tiny11builder
Scripts to build a trimmed-down Windows 11 image.
therealsun/Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
therealsun/wstg
The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.