meditology Goto Github PK

scripthunter

Tool to find JavaScript files on Websites

scripts

Scripts I use during pentest engagements.

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

secretfinder

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

sessiongopher

SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, SuperPuTTY, FileZilla, and Microsoft Remote Desktop. It can be run remotely or locally.

shareaudit

A tool for auditing network shares in an Active Directory environment

sharesearch

Samba, NFS shares spider and grepper

sharp-suite

Also known by Microsoft as Knifecoat :hot_pepper:

sharpcollection

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

sharphound

The BloodHound C# Ingestor

sharphound3

C# Data Collector for the BloodHound Project, Version 3

sharpkatz

Porting of mimikatz sekurlsa::logonpasswords, sekurlsa::ekeys and lsadump::dcsync commands

sharplaps

Retrieve LAPS password from the LDAP

sharpmapexec

sharpnopsexec

Get file less command execution for lateral movement.

sharprdphijack

A POC Remote Desktop (RDP) session hijack utility for disconnected sessions

sharpsecdump

.Net port of the remote SAM + LSA Secrets dumping functionality of impacket's secretsdump.py

sharpsmbspray

Spray a hash via smb to check for local administrator access

sharpsploit

SharpSploit is a .NET post-exploitation library written in C#

sharpstay

.NET project for installing Persistence

sharpup

SharpUp is a C# port of various PowerUp functionality.

sharpwebserver

Red Team oriented C# Simple HTTP & WebDAV Server with Net-NTLM hashes capture functionality

showssid

silenttrinity

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

simplyemail

SimpleEmail is a email recon tool that is fast and easy framework to build on

smb-autopwn

Discovers and exploits hosts vulnerable to MS08-067/MS17-010

smbscanner

Smb Scanner from PingCastle

spiderfoot

SpiderFoot automates OSINT so you can focus on analysis.

spoolsample

PoC tool to coerce Windows hosts authenticate to other machines via the MS-RPRN RPC interface. This is possible via other protocols as well.

sprayingtoolkit

Scripts to make password spraying attacks against Lync/S4B & OWA a lot quicker, less painful and more efficient