bradcausey-zz's starred repositories

Security-Research

Exploits written by the Rhino Security Labs team

Language:PythonLicense:BSD-3-ClauseStargazers:1045Issues:0Issues:0

Jbin-website-secret-scraper

Jbin will gather all the URLs from the website and then it will try to expose the secret data from them such as API keys, API secrets, API tokens and many other juicy information.

Language:JavaScriptStargazers:147Issues:0Issues:0

KrbRelayUp

KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings).

Language:C#Stargazers:1485Issues:0Issues:0

checkov

Prevent cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.

Language:PythonLicense:Apache-2.0Stargazers:6719Issues:0Issues:0

frostbyte

FrostByte is a POC project that combines different defense evasion techniques to build better redteam payloads

Language:C#Stargazers:369Issues:0Issues:0

Cheatsheet-God

Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet

Stargazers:3Issues:0Issues:0

burpsuite-copy-as-xmlhttprequest

Copy as XMLHttpRequest BurpSuite extension

Language:JavaLicense:MITStargazers:31Issues:0Issues:0

PacketStreamer

:star: :star: Distributed tcpdump for cloud native environments :star: :star:

Language:GoLicense:Apache-2.0Stargazers:1855Issues:0Issues:0

stackrox

The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment.

Language:GoLicense:Apache-2.0Stargazers:1084Issues:0Issues:0

container.training

Slides and code samples for training, tutorials, and workshops about Docker, containers, and Kubernetes.

Language:ShellLicense:NOASSERTIONStargazers:3571Issues:0Issues:0

GoMapEnum

User enumeration and password bruteforce on Azure, ADFS, OWA, O365, Teams and gather emails on Linkedin

Language:GoLicense:GPL-3.0Stargazers:419Issues:0Issues:0

owasp-mastg

The Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes the technical processes for verifying the controls listed in the OWASP Mobile Application Security Verification Standard (MASVS).

Language:PythonLicense:CC-BY-SA-4.0Stargazers:11430Issues:0Issues:0

o365spray

Username enumeration and password spraying tool aimed at Microsoft O365.

Language:PythonLicense:MITStargazers:706Issues:0Issues:0

passphrase-wordlist

Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

Language:PythonLicense:MITStargazers:1166Issues:0Issues:0

amazon-linux-cis

Bootstrap script for Amazon Linux to comply CIS Amazon Linux Benchmark v2.0.0

Language:PythonLicense:MITStargazers:58Issues:0Issues:0

cis-benchmarks-audit

Simple command line tool to check for compliance against CIS Benchmarks

Language:PythonLicense:NOASSERTIONStargazers:239Issues:0Issues:0

PurplePanda

Identify privilege escalation paths within and across different clouds

Language:PythonLicense:NOASSERTIONStargazers:644Issues:0Issues:0

DPAT

Domain Password Audit Tool for Pentesters

Language:PythonLicense:MITStargazers:877Issues:0Issues:0

mentalist

Mentalist is a graphical tool for custom wordlist generation. It utilizes common human paradigms for constructing passwords and can output the full wordlist as well as rules compatible with Hashcat and John the Ripper.

Language:PythonLicense:MITStargazers:1747Issues:0Issues:0

python-pty-shells

Python PTY backdoors - full PTY or nothing!

Language:PythonLicense:WTFPLStargazers:734Issues:0Issues:0
Language:PowerShellStargazers:1458Issues:0Issues:0

pyndiff

Generate human-readable ndiff output when comparing 2 Nmap XML scan files

Language:PythonLicense:Apache-2.0Stargazers:7Issues:0Issues:0

SharpExfiltrate

Modular C# framework to exfiltrate loot over secure and trusted channels.

Language:C#Stargazers:122Issues:0Issues:0
Language:PowerShellStargazers:53Issues:0Issues:0

MimeSpray

MimeCast Password Spraying Tool

Language:PythonLicense:BSD-3-ClauseStargazers:44Issues:0Issues:0
Language:PythonLicense:Apache-2.0Stargazers:1369Issues:0Issues:0

TREVORspray

TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!

Language:PythonLicense:GPL-3.0Stargazers:985Issues:0Issues:0

VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

Stargazers:1338Issues:0Issues:0

powercat

netshell features all in version 2 powershell

Language:PowerShellLicense:Apache-2.0Stargazers:2073Issues:0Issues:0

PRET

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

Language:PythonLicense:GPL-2.0Stargazers:3809Issues:0Issues:0