totoPouet's Stars
Liodeus/Good-Cloud-Practice
GCP non compliance scanner
webpwnized/gcp-audit
GCP Audit checks projects in Google Cloud for compliance with CIS Benchmarks
GoogleCloudPlatform/security-analytics
Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud
redcanaryco/atomic-red-team
Small and highly portable detection tests based on MITRE's ATT&CK.
AsBuiltReport/AsBuiltReport.NetApp.ONTAP
A PowerShell module to generate an as built report on the configuration of NetApp ONTAP storage arrays.
LasCC/HackTools
The all-in-one browser extension for offensive security professionals 🛠
WADComs/WADComs.github.io
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
microsoft/playwright
Playwright is a framework for Web Testing and Automation. It allows testing Chromium, Firefox and WebKit with a single API.
microsoft/Web-Dev-For-Beginners
24 Lessons, 12 Weeks, Get Started as a Web Developer
certmichelin/Redscan
jehama/MSSQL-audit-scripts
scripts that can be used when auditing a MSSQL Server.
gtworek/Priv2Admin
Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.
safebuffer/sam-the-admin
Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user
Apoc70/Get-ExchangeEnvironmentReport
This script creates an HTML report showing the following information about an Exchange 2019, 2016, 2013, 2010, and, to a lesser extent, 2007 and 2003 environment.
yeswehack/PwnFox
PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.
shadowsocks/shadowsocks-libev
Bug-fix-only libev port of shadowsocks. Future development moved to shadowsocks-rust
michenriksen/aquatone
A Tool for Domain Flyovers
blechschmidt/massdns
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)
blaCCkHatHacEEkr/PENTESTING-BIBLE
articles
BishopFox/sliver
Adversary Emulation Framework
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
kforney/pentest-distro-builder
A script for easily building customized images of pentesting distros (Kali and ParrotSec).
tmobile/pacbot
PacBot (Policy as Code Bot)
mandiant/commando-vm
Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com
bitsadmin/wesng
Windows Exploit Suggester - Next Generation
MickaelWalter/wp-json-scraper
Scrapes WordPress data using the WP-JSON API activated by default since WordPress 4.7
ivre/ivre
Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, build your taylor-made EASM tool, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, ProjectDiscovery tools, etc.
rxwx/CVE-2018-0802
PoC Exploit for CVE-2018-0802 (and optionally CVE-2017-11882)
enaqx/awesome-pentest
A collection of awesome penetration testing resources, tools and other shiny things
urbanadventurer/WhatWeb
Next generation web scanner