Ian Williams's starred repositories
PentestHardware
Kinda useful notes collated together publicly
spiderfoot
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
silentbridge
Silentbridge is a toolkit for bypassing 802.1x-2010 and 802.1x-2004.
lighthouse
A Coverage Explorer for Reverse Engineers
attack-surface-detector-burp
The Attack Surface Detector uses static code analyses to identify web app endpoints by parsing routes and identifying parameters
SILENTTRINITY
An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Windows-Exploit-Suggester
This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target. It also notifies the user if there are public exploits and Metasploit modules available for the missing bulletins.
Remote-Desktop-Caching-
This tool allows one to recover old RDP (mstsc) session information in the form of broken PNG files. These PNG files allows Red Team member to extract juicy information such as LAPS passwords or any sensitive information on the screen. Blue Team member can reconstruct PNG files to see what an attacker did on a compromised host. It is extremely useful for a forensics team to extract timestamps after an attack on a host to collect evidences and perform further analysis.
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
infosec-tricks
Infosec tips and tricks
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources