Anas Lachheb's repositories
lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
chisel
A fast TCP/UDP tunnel over HTTP
403jump
HTTP 403 bypass tool
muraena
Muraena is an almost-transparent reverse proxy aimed at automating phishing and post-phishing activities.
juice-shop
OWASP Juice Shop: Probably the most modern and sophisticated insecure web application
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
CloakQuest3r
Uncover the true IP address of websites safeguarded by Cloudflare & Others
Evilginx3-Phishlets
This repository provides penetration testers and red teams with an extensive collection of dynamic phishing templates designed specifically for use with Evilginx3.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Certipy
Tool for Active Directory Certificate Services enumeration and abuse
GOAD
game of active directory
PSPKIAudit
PowerShell toolkit for AD CS auditing based on the PSPKI toolkit.
WebWorldWind-NASA
The NASA WorldWind Javascript SDK (WebWW) includes the library and examples for creating geo-browser web applications and for embedding a 3D globe in HTML5 web pages.
RedCloud-OS-CWL
RedCloudOS is a Cloud Adversary Simulation Operating System for Red Teams to assess the Cloud Security of Leading Cloud Service Providers (CSPs)
linux-exploit-suggester
Linux privilege escalation auditing tool
CrimsonEDR
Simulate the behavior of AV/EDR for malware development training.
BloodHound
Six Degrees of Domain Admin
pwndoc
Pentest Report Generator
fuzzing
Tutorials, examples, discussions, research proposals, and other resources related to fuzzing
lsassy
Extract credentials from lsass remotely
Mindmap
This repository will contain many mindmaps for cyber security technologies, methodologies, courses, and certifications in a tree structure to give brief details about them
Modlishka
Modlishka. Reverse Proxy.
linux-smart-enumeration
Linux enumeration tool for pentesting and CTFs with verbosity levels
PassTheCert
Proof-of-Concept tool to authenticate to an LDAP/S server with a certificate through Schannel
Whisker
Whisker is a C# tool for taking over Active Directory user and computer accounts by manipulating their msDS-KeyCredentialLink attribute, effectively adding "Shadow Credentials" to the target account.
fluxion
Fluxion is a remake of linset by vk496 with enhanced functionality.
linikatz
linikatz is a tool to attack AD on UNIX
IoTSeeker
Created by Jin Qian via the GitHub Connector