damaidec Goto Github PK

plution

Prototype pollution scanner using headless chrome

poc-in-github

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

poshc2

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

powerlessshell

Run PowerShell command without invoking powershell.exe

powersharppack

practical-ethical-hacking-resources

Compilation of Resources from TCM's Practical Ethical Hacking Udemy Course

purplepanda

Identify privilege escalation paths within and across different clouds

qu1cksc0pe

All-in-One malware analysis tool.

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

red-team-notes

Just learning around new stuff mostly Red Teaming and such but will try to see if I can update or simplify them more, nothing too exotic (yet).

red-teaming-toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

red_team

Some scripts useful for red team activities

redeye

RedEye is a visual analytic tool supporting Red & Blue Team operations

redteam-tools

Tools and Techniques for Red Team / Penetration Testing

rekono

Execute complete pentesting processes combining multiple hacking tools automatically

sccm-http-looter

Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)

sharpedrchecker

Checks running processes, process metadata, Dlls loaded into your current process and the each DLLs metadata, common install directories, installed services and each service binaries metadata, installed drivers and each drivers metadata, all for the presence of known defensive products such as AV's, EDR's and logging tools.

shell3er

PowerShell Reverse Shell

sliver

Adversary Emulation Framework

snaffler

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

stealerium

Stealer + Clipper + Keylogger

subzy

Subdomain takeover vulnerability checker

sysreptor

Fully customisable, offensive security reporting solution designed for pentesters, red teamers and other security-related people alike.

teamsphisher

Send phishing messages and attachments to Microsoft Teams users

terminator

Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes

threatcheck

Identifies the bytes that Microsoft Defender / AMSI Consumer flags on.

tools

scripts for ctf , bug bounty and stuffs

unhookingpatch

Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime

urlcrazy

Generate and test domain typos and variations to detect and perform typo squatting, URL hijacking, phishing, and corporate espionage.

vapi

vAPI is Vulnerable Adversely Programmed Interface which is Self-Hostable API that mimics OWASP API Top 10 scenarios through Exercises.