vinzekatze's Stars
swisskyrepo/PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
dnSpy/dnSpy
.NET debugger and assembly editor
gentilkiwi/mimikatz
A little tool to play with Windows security
onceupon/Bash-Oneliner
A collection of handy Bash One-Liners and terminal tricks for data processing and Linux system maintenance.
infosecn1nja/Red-Teaming-Toolkit
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
BishopFox/sliver
Adversary Emulation Framework
yeyintminthuhtut/Awesome-Red-Teaming
List of Awesome Red Teaming Resources
HavocFramework/Havoc
The Havoc Framework.
A-poc/RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
lgandx/Responder
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
Ne0nd0g/merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
s0md3v/AwesomeXSS
Awesome XSS stuff
Pennyw0rth/NetExec
The Network Execution Tool
matro7sh/BypassAV
This map lists the essential techniques to bypass anti-virus and EDR
dirkjanm/BloodHound.py
A Python based ingestor for BloodHound
alphaSeclab/awesome-rat
RAT And C&C Resources. 250+ Open Source Projects, 1200+ RAT/C&C blog/video.
D4Vinci/One-Lin3r
Gives you one-liners that aids in penetration testing operations, privilege escalation and more
stark0de/nginxpwner
Nginxpwner is a simple tool to look for common Nginx misconfigurations and vulnerabilities.
kislyuk/argcomplete
Python and tab completion, better together.
Cyber-Guy1/API-SecurityEmpire
API Security Project aims to present unique attack & defense methods in API Security field
Orange-Cyberdefense/ocd-mindmaps
Orange Cyberdefense mindmaps
swisskyrepo/InternalAllTheThings
Active Directory and Internal Pentest Cheatsheets
frizb/Windows-Privilege-Escalation
Windows Privilege Escalation Techniques and Scripts
chrislockard/api_wordlist
A wordlist of API names for web application assessments
tcostam/awesome-command-control
A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assignments.
hueristiq/web-hacking-toolkit
A web hacking toolkit (docker image).
RedSection/pFuzz
pFuzz helps us to bypass web application firewall by using different methods at the same time.
Jean-Francois-C/SAP-Security-Audit
Training course materials and notes related to SAP security audit and penetration testing
cujanovic/Virtual-host-wordlist
Virtual host wordlist
redrays-io/SAP-Penetration-Testing
SAP Penetration Testing: A Comprehensive Analysis of SAP Security Issues