screenshotbof

An alternative screenshot capability for Cobalt Strike that uses WinAPI and does not perform a fork & run. Screenshot saved to disk as a file.

scscanner

scscanner is tool to read website status code response from the lists.

scshell

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

sd-goo

Enumerate Subdomains Through Google Dorks

sdto-realworld-subdomains

A repository to host the subdomain wordlists from my blog https://medium.com/@nynan/what-i-learnt-from-reading-217-subdomain-takeover-bug-reports-c0b94eda4366

seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

sebackupprivilege

Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

secure-preferences

Android Shared preference wrapper than encrypts the values of Shared Preferences. It's not bullet proof security but rather a quick win for incrementally making your android app more secure.

security-cheatsheets

🔒 A collection of cheatsheets for various infosec tools and topics.

security-payloads

All Type of Payloads

security-research

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

security-research-1

This repository contains proof of concept for zero days and CVEs that were found by Omar Hashem through Security Research

securityrat

OWASP SecurityRAT (version 1.x) - Tool for handling security requirements in development

semantic-ui-react

The official Semantic-UI-React integration

sequelize

An easy-to-use and promise-based multi SQL dialects ORM tool for Node.js | Postgres, MySQL, MariaDB, SQLite, MSSQL, Snowflake, Oracle DB (v6) & Db2 for IBM i

serverlessredirector

Serverless Redirector in various cloud vendor for red team

session-hijack-101

Exploit, POC, Analysis

setoolkit-by-trustedsec

shadowspray

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.

sharpefspotato

Local privilege escalation from SeImpersonatePrivilege using EfsRpc.

sharpexchange

C# Tool to interact with MS Exchange based on MS docs

sharpgmailc2

Our Friendly Gmail will act as Server and implant will exfiltrate data via smtp and will read commands from C2 (Gmail) via imap protocol

sharphound

C# Data Collector for BloodHound

sharphound-detection

sharpkatz

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

sharpldap

SharpLDAP is a tool written in C# that aims to do enumeration via LDAP queries

sharpshooter

Payload Generation Framework

sharpsploit

SharpSploit is a .NET post-exploitation library written in C#

sharpstartwebclient

Programmatically start WebClient from an unprivileged session to enable that juicy privesc.