-
weirdAAL Public
WeirdAAL (AWS Attack Library)
-
securitytitles.com Public
Forked from mubix/securitytitles.comStandardizing Security Titles
-
endgame Public
Forked from agnivesh/endgameAn AWS Pentesting tool that lets you use one-liner commands to backdoor an AWS account's resources with a rogue AWS account - or share the resources with the entire internet 😈
-
webintel Public
Forked from danamodio/webintelAttempt to identify common CMS and web applications with a single request.
-
vulhub Public
Forked from vulhub/vulhubPre-Built Vulnerable Environments Based on Docker-Compose
-
keyhacks Public
Forked from streaak/keyhacksKeyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
-
Dockerfiles Public
Forked from andrealbinop/DockerfilesThis repository contains all base Dockerfiles for Docker that I use, and are available at Docker registry.
-
cve-2019-1003000-jenkins-rce-poc Public
Forked from adamyordan/cve-2019-1003000-jenkins-rce-pocJenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
-
metta-1 Public
Forked from uber-common/mettaAn information security preparedness tool to do adversarial simulation.
-
CVE-2017-10617 Public
Forked from gteissier/CVE-2017-10617Contrail: hard coded credentials (CVE-2017-10616) and XML External Entity (XXE) vulnerability (CVE-2017-10617)
-
-
docker-cheat-sheet Public
Forked from wsargent/docker-cheat-sheetDocker Cheat Sheet
-
sysmon-config Public
Forked from ion-storm/sysmon-configAdvanced Sysmon configuration, Installer & Auto Updater with high-quality event tracing
-
jenkins-decrypt Public
Forked from tweksteen/jenkins-decryptCredentials dumper for Jenkins
-
pentesty_scripts Public
scripts for pentesting
-
lyncsmash Public
Forked from nyxgeek/lyncsmashlocate and attack Lync/Skype for Business
-
XXEinjector Public
Forked from enjoiz/XXEinjectorTool for automatic exploitation of XXE vulnerability using direct and different out of band methods.
-
fake_commited_secrets Public
A repo of fake committed secrets to test tools that find committed secrets ([dont submit for BB :-) ]
-
shellen Public
Forked from merrychap/shellenInteractive shellcoding environment to easily craft shellcodes
-
EvilOSX Public
Forked from Marten4n6/EvilOSXA pure python, post-exploitation, RAT (Remote Administration Tool) for macOS / OSX.
-
Python-Backdoor Public
Forked from xp4xbox/Python-BackdoorThis program is an opensource, hidden and undetectable backdoor/reverse shell/RAT for Windows made in Python 3 which contains many features such as multi-client support and cross-platform server.
-
psgetsystem Public
Forked from decoder-it/psgetsystemgetsystem via parent process using ps1 & embeded c#
-
xdebug-shell Public
Forked from gteissier/xdebug-shellxdebug reverse shell
-
JavaDeserH2HC Public
Forked from joaomatosf/JavaDeserH2HCSample codes written for the Hackers to Hackers Conference magazine 2017 (H2HC).
-
merlin Public
Forked from Ne0nd0g/merlinMerlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
-
PowerShellScripts Public
Forked from Arno0x/PowerShellScriptsCollection of PowerShell scripts
-
truffleHog-1 Public
Forked from trufflesecurity/trufflehogSearches through git repositories for high entropy strings and secrets, digging deep into commit history
-
CACTUSTORCH Public
Forked from mdsecactivebreach/CACTUSTORCHCACTUSTORCH: Payload Generation for Adversary Simulations
-
malicious_file_maker Public
malicious file maker/sender to create and send malicious attachments to test your email filter/alerting
-
DumpsterFire Public
Forked from TryCatchHCF/DumpsterFire"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills…
{{ message }}