Mark Gillanders's repositories
evil-winrm
The ultimate WinRM shell for hacking/pentesting
100-days-of-code
Fork this template for the 100 days journal - to keep yourself accountable (multiple languages available)
100-redteam-projects
Projects for security students
1N3
Founder of @Sn1perSecurity LLC. Creator of Sn1per. Top 20 worldwide on @bugcrowd in 2016. OSCE/OSCP/CISSP/Security+
assetfinder
Find domains and subdomains related to a given domain
Awesome-Fuzzing
A curated list of fuzzing resources ( Books, courses - free and paid, videos, tools, tutorials and vulnerable applications to practice on ) for learning Fuzzing and initial phases of Exploit Development like root cause analysis.
beef
The Browser Exploitation Framework Project
bulk-security-pr-generator
Generate thousands of pull requests to fix widespread security vulnerabilities across GitHub.
CISSPNotes
Notes for my CISSP study
CrackMapExec
A swiss army knife for pentesting networks
cyber_plumbers_handbook_lab_info
Information for accessing The Cyber Plumber's Handbook Lab
evilginx2
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Go365
An Office365 User Attack Tool
linux-exploit-suggester
Linux privilege escalation auditing tool
masscan-1
Masscan is a golang library to run masscan scans, parse scan results.
mimikatz
A little tool to play with Windows security
Nettacker
Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management
OSINT
Collections of tools and methods created to aid in OSINT collection
PMAT-labs
Labs for Practical Malware Analysis & Triage
public-pentesting-reports
Curated list of public penetration test reports released by several consulting firms and academic security groups
pwndora
Massive IPv4 scanner, find and analyze internet-connected devices in minutes, create your own IoT search engine at home.
robotium
Android UI Testing
RsaCtfTool
RSA attack tool (mainly for ctf) - retreive private key from weak public key and/or uncipher data
subbrute
A DNS meta-query spider that enumerates DNS records, and subdomains.
Top10
Official OWASP Top 10 Document Repository
WAF-bypass-xss-payloads
XSS payloads for bypassing WAF. This repository is updating continuously.
wafw00f
WAFW00F allows one to identify and fingerprint Web Application Firewall (WAF) products protecting a website.
XSStrike
Most advanced XSS scanner.