Miau's repositories
Astra
Automated Security Testing For REST API's
Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
Awesome-Hacking-Resources
A collection of hacking / penetration testing resources to make you better!
changeme
A default credential scanner.
Cheatsheet-God
Penetration Testing / OSCP Biggest Reference Bank / Cheatsheet
cipherscan
A very simple way to find out which SSL ciphersuites are supported by a target.
CobaltStrikeForensic
Toolset for research malware and Cobalt Strike beacons
CVE-2018-17246
CVE-2018-17246 - Kibana LFI < 6.4.3 & 5.6.13
cve-2019-1003000-jenkins-rce-poc
Jenkins RCE Proof-of-Concept: SECURITY-1266 / CVE-2019-1003000 (Script Security), CVE-2019-1003001 (Pipeline: Groovy), CVE-2019-1003002 (Pipeline: Declarative)
CVE-2019-3396_EXP
CVE-2019-3396 confluence SSTI RCE
fetch-some-proxies
Simple Python script for fetching "some" (usable) proxies
fireprox
AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation
h4cker
This repository is primarily maintained by Omar Santos and includes thousands of resources related to ethical hacking / penetration testing, digital forensics and incident response (DFIR), vulnerability research, exploit development, reverse engineering, and more.
Infosec_Reference
An Information Security Reference That Doesn't Suck
inspec_tools
A command-line and ruby API of utilities, converters and tools for creating, converting and processing security baseline formats, results and data
lscript
The LAZY script will make your life easier, and of course faster.
merlin
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
MobileApp-Pentest-Cheatsheet
The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics.
nishang
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
pentest-guide
Penetration tests cases, resources and guidelines.
Powershell-RAT
Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment.
purple-team-attack-automation
Praetorian's public release of our Metasploit automation of MITRE ATT&CK™ TTPs
PyExfil
A Python Package for Data Exfiltration
Reconnoitre
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
soar
SQL Optimizer And Rewriter
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
tplmap
Server-Side Template Injection and Code Injection Detection and Exploitation Tool
vm-bhyve
Shell based, minimal dependency bhyve manager