Chaos-Monkey-Island's repositories
ADExplorerSnapshot.py
ADExplorerSnapshot.py is an AD Explorer snapshot ingestor for BloodHound.
AutoSUID
AutoSUID application is the Open-Source project, the main idea of which is to automate harvesting the SUID executable files and to find a way for further escalating the privileges.
AzureHunter
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
blst-test-
Run Github Actions for blsts
bodgeit
The BodgeIt Store is a vulnerable web application which is currently aimed at people who are new to pen testing.
caido
🚀 Caido releases, wiki and roadmap
cve
Gather and update all available and newest CVEs with their POC.
DevSecOps
🔱 Collection and Roadmap for everyone who wants DevSecOps. Hope your DevOps are more safe 😎
DevSecOps-1
Ultimate DevSecOps library
ForceAdmin
⚡ Create infinite UAC prompts forcing a user to run as admin ⚡
Linux-Utils
Scripts, Tools et al. that are generally nice to have on a fresh linux box
log4j-finder
Find vulnerable Log4j2 versions on disk and also inside Java Archive Files (Log4Shell CVE-2021-44228, CVE-2021-45046, CVE-2021-45105)
mitm_relay
Hackish way to intercept and modify non-HTTP protocols through Burp & others.
Nuclei-Templates-Collection
Nuclei Templates Collection
pywerview
A (partial) Python rewriting of PowerSploit's PowerView
RandomScripts
Scripts for public use that we've randomly written, or have updated from other people's work.
recoscrp
recoscrp
secret-regex-list
List of regex for scraping secret API keys and juicy information.
serverless_toolkit
A collection of useful Serverless functions I use when pentesting
ShonyDanza
A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.
StandIn
StandIn is a small .NET35/45 AD post-exploitation toolkit
threagile
Agile Threat Modeling Toolkit
tiny-python-docker-image
The most lightweight python docker image possible
tor-rootkit
A Python 3 standalone Windows 10 / Linux Rootkit using Tor.
vulmap-1
Vulmap 是一款 web 漏洞扫描和验证工具, 可对 webapps 进行漏洞扫描, 并且具备漏洞验证功能
zaproxy
The OWASP ZAP core project