Beast code in Giters

Green-Wolf's starred repositories

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT61235 18230

XSStrike

Most advanced XSS scanner.

Language:PythonGPL-3.013353 274 287

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

Language:GoBSD-3-Clause10902 307 884

subfinder

Fast passive subdomain enumeration tool.

Language:GoMIT10252 155 458

RsaCtfTool

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

Language:PythonGPL-3.05728 67 219

Modlishka

Modlishka. Reverse Proxy.

Language:GoNOASSERTION4842 141 289

security_monkey

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

Language:PythonApache-2.04356 629 548

Covenant

Covenant is a collaborative .NET C2 framework for red teamers.

Language:C#GPL-3.04188 118 308

massdns

A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration)

Language:CGPL-3.03166 72 110

awesome-burp-extensions

A curated list of amazingly awesome Burp Extensions

CC0-1.02989 121 5

SILENTTRINITY

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

Language:BooGPL-3.02195 111 87

malice

VirusTotal Wanna Be - Now with 100% more Hipster

Language:GoApache-2.01649 96 109

Winpayloads

Undetectable Windows Payload Generation

Language:PythonApache-2.01558 106 73

domainhunter

Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names

Language:PythonBSD-3-Clause1539 60 25

CredSniper

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

Language:HTMLApache-2.01329 77 24

CheatSheets

Cheat sheets for various projects.

1042 66 3

PrivExchange

Exchange your privileges for Domain Admin privs by abusing Exchange

Language:PythonMIT976 32 21

InveighZero

.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers

BSD-3-Clause791 28 5

dirty_sock

Linux privilege escalation exploit via snapd (CVE-2019-7304)

Language:PythonGPL-3.0662 18 6

ODIN

Automated network asset, email, and social media profile discovery and cataloguing.

Language:PythonBSD-3-Clause634 31 17

CredKing

Password spraying using AWS Lambda for IP rotation

Language:Python577 26 3

OffensiveDLR

Toolbox containing research notes & PoC code for weaponizing .NET's DLR

Language:PowerShellBSD-3-Clause513 25 1

DoHC2

DoHC2 allows the ExternalC2 library from Ryan Hanson (https://github.com/ryhanson/ExternalC2) to be leveraged for command and control (C2) via DNS over HTTPS (DoH).

Language:C#440 37 3

scavenger

scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.

Language:PythonGPL-3.0329 27 4