Skr1ptKid's repositories
ai-exploits
A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
ALFA
ALFA stands for Automated Audit Log Forensic Analysis for Google Workspace. You can use this tool to acquire all Google Workspace audit logs and to perform automated forensic analysis on the audit logs using statistics and the MITRE ATT&CK Cloud Framework
analyst-scripts
Scripts to analyze stuff
AppleJuice
Apple BLE proximity pairing message spoofing
attack_range
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
awesome-osint
:scream: A curated list of amazingly awesome OSINT
bruteforce-lists
Some files for bruteforcing certain things.
Havoc
The Havoc Framework.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
can-i-take-over-xyz
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.
CSS-Exchange
Exchange Server support tools and scripts
DetectionLab
Automate the creation of a lab environment complete with security tooling and logging best practices
dfiq
DFIQ is a collection of investigative questions and the approaches for answering them
dot
The Deepfake Offensive Toolkit
gateway-finder
Tool to identify routers on the local LAN and paths to the Internet
killerbee
IEEE 802.15.4/ZigBee Security Research Toolkit
KubeHound
Kubernetes Attack Graph
objection
📱 objection - runtime mobile exploration
open-cvdb
An open project to list all publicly known cloud vulnerabilities and CSP security issues
payloads
Git All the Payloads! A collection of web attack payloads.
PCredz
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
peirates
Peirates - Kubernetes Penetration Testing tool
rapid-endpoint-investigations
Scripts for rapid Windows endpoint "tactical triage" and investigations with Velociraptor and KAPE
rengine
An automated reconnaissance framework for web apps with a focus on highly configurable recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for pentesters to gather recon with minimal config and with reNgine's correlation
routersploit
Exploitation Framework for Embedded Devices
Sigma-AWS
This repository contains the research and components of our research into using Sigma for AWS Incident Response.
template-generator
A simple variable based template editor using handlebarjs+strapdownjs. The idea is to use variables in markdown based files to easily replace the variables with content. Data is saved temporarily in local storage. PHP is only needed to generate the list of files in the dropdown of templates.
warhorse
Infrastructure Automation
windows-privesc-check
Standalone Executable to Check for Simple Privilege Escalation Vectors on Windows Systems