BrianHeeseIs

BratShell

PHP shell that hijacks the the incoming socket connection to provide an interactive shell session on port 80

ccxt

A JavaScript / Python / PHP cryptocurrency trading library with support for more than 90 bitcoin/altcoin exchanges

creddump

Automatically exported from code.google.com/p/creddump

DYP-staking-governance-dapp

Staking and Governance dapp for DYP

exploit-database-bin-sploits

Exploit Database binary exploits located in the /sploits directory

gasbar

Ethereum Gas Fee for the MacBook Pro touchbar (using BetterTouchTool)

hate_crack

A tool for automating cracking methodologies through Hashcat from the TrustedSec team.

iCloud-API

Node API for Apple's iCloud services

img-optimize

Image optimization bash script

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

lamassu-server

Part of the Lamassu Cryptomat platform

magento2

All Submissions you make to Magento Inc. (“Magento") through GitHub are subject to the following terms and conditions: (1) You grant Magento a perpetual, worldwide, non-exclusive, no charge, royalty free, irrevocable license under your applicable copyrights and patents to reproduce, prepare derivative works of, display, publically perform, sublicense and distribute any feedback, ideas, code, or other information (“Submission") you submit through GitHub. (2) Your Submission is an original work of authorship and you are the owner or are legally entitled to grant the license stated above. (3) You agree to the Contributor License Agreement found here: https://github.com/magento/magento2/blob/master/CONTRIBUTOR_LICENSE_AGREEMENT.html

NumiKit

Numi Plugin Kit

oclHashcat

World's fastest and most advanced password recovery utility

osx-strap-on

Machine setup

PacketCrypt

Bandwidth-hard proof of work

pam-duress

A Pluggable Authentication Module (PAM) which allows the establishment of alternate passwords that can be used to perform actions to clear sensitive data, notify IT/Security staff, close off sensitive network connections, etc if a user is coerced into giving a threat actor a password.

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

PHP-EXIF-Backdoors-generator-using-custom-shellcode

PHPEB is a small tool that generates and stores obfuscated shellcode in user specified EXIF handlers.

revsh

A tool for establishing reverse shells with terminal support.

Sand

scylla

scylla.sh db dumps and more

SecLists

SecLists is the security tester's companion. It is a collection of multiple types of lists used during security assessments. List types include usernames, passwords, URLs, sensitive data grep strings, fuzzing payloads, and many more.

snodew

PHP root (suid) reverse shell

static-binaries

Various *nix tools built as statically-linked binaries

traitor

Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins :arrow_up: :skull_and_crossbones:

VancedManager

Vanced Installer

vlany

Linux LD_PRELOAD rootkit (x86 and x86_64 architectures)

wifiphisher

The Rogue Access Point Framework

xss

some example xss payloads