JB's starred repositories
stride-gpt
An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.
smbclient-ng
smbclient-ng, a fast and user friendly way to interact with SMB shares.
free-for-dev
A list of SaaS, PaaS and IaaS offerings that have free tiers of interest to devops and infradev
Active-Directory-Exploitation-Cheat-Sheet
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.
DefenderCheck
Identifies the bytes that Microsoft Defender flags on.
AMSITrigger
The Hunt for Malicious Strings
Invisi-Shell
Hide your Powershell script in plain sight. Bypass all Powershell security features
wazuh-ansible
Wazuh - Ansible playbook
obsidian-execute-python
lightweight Python code snippet executor with runtime input support (Obsidian plugin)
evilgophish
evilginx3 + gophish
sessionprobe
SessionProbe is a multi-threaded tool designed for penetration testing and bug bounty hunting. It evaluates user privileges in web applications by taking a session token and checking access across a list of URLs, highlighting potential authorization issues.
saas-boilerplate
SaaS Boilerplate - Open Source and free SaaS stack that lets you build SaaS products faster in React, Django and AWS. Focus on essential business logic instead of coding repeatable features!
FalconHound
FalconHound is a blue team multi-tool. It allows you to utilize and enhance the power of BloodHound in a more automated fashion. It is designed to be used in conjunction with a SIEM or other log aggregation tool.
TeamFiltration
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
RedTeam-Tools
Tools and Techniques for Red Team / Penetration Testing
Terminator
Reproducing Spyboy technique to terminate all EDR/XDR/AVs processes
Amsi-Killer
Lifetime AMSI bypass
saas-attacks
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
RockYou2021.txt
RockYou2021.txt is a MASSIVE WORDLIST compiled of various other wordlists. RockYou2021.txt DOES NOT CONTAIN USER:PASS logins!
ShellGhost
A memory-based evasion technique which makes shellcode invisible from process start to end.