xlash's Stars
sherlock-project/sherlock
Hunt down social media accounts by username across social networks
djsime1/awesome-flipperzero
🐬 A collection of awesome resources for the Flipper Zero device.
Lissy93/personal-security-checklist
🔒 A compiled checklist of 300+ tips for protecting digital security and privacy in 2024
flipperdevices/flipperzero-firmware
Flipper Zero firmware source code
byt3bl33d3r/CrackMapExec
A swiss army knife for pentesting networks
epi052/feroxbuster
A fast, simple, recursive content discovery tool written in Rust.
s0md3v/Arjun
HTTP parameter discovery suite.
riramar/Web-Attack-Cheat-Sheet
Web Attack Cheat Sheet
GhostPack/Rubeus
Trying to tame the three-headed dog.
AonCyberLabs/Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
GhostPack/Seatbelt
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
projectdiscovery/interactsh
An OOB interaction gathering server and client library
Sysinternals/ProcDump-for-Linux
A Linux version of the ProcDump Sysinternals tool
microsoft/AttackSurfaceAnalyzer
Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation.
sensepost/ruler
A tool to abuse Exchange services
cisagov/Sparrow
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
ossf/allstar
GitHub App to set and enforce security policies
Arvanaghi/SessionGopher
SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.
cisagov/log4j-affected-db
A community sourced list of log4j-affected software
PlumHound/PlumHound
Bloodhound Reporting for Blue and Purple Teams
Arinerron/CVE-2022-0847-DirtyPipe-Exploit
A root exploit for CVE-2022-0847 (Dirty Pipe)
RythmStick/AMSITrigger
The Hunt for Malicious Strings
CrowdStrike/CRT
Contact: CRT@crowdstrike.com
ovotech/gitoops
all paths lead to clouds
domain-protect/domain-protect
OWASP Domain Protect - prevent subdomain takeover
GossiTheDog/SystemNightmare
Gives you instant SYSTEM command prompt on all supported and legacy versions of Windows
alt3kx/CVE-2023-24055_PoC
CVE-2023-24055 PoC (KeePass 2.5x)
boostsecurityio/poutine
boostsecurityio/poutine
vavarachen/evtx2json
A tool to convert Windows evtx files (Windows Event Log Files) into JSON format and log to Splunk (optional) using HTTP Event Collector.
ChrisForsythe/SplunkStuff
A repository for generalized splunk code, dashboards, resources and suggestions/recommendations.