DnaSec

binnim

Shitty Nim code that reads in a file and converts it into \x hex representation, for the use of shellcode binaries.

PEASS-ng

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Above

Network Vulnerability Scanner by Caster

awesome-hacker-search-engines

A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more

awesome-oscp

A curated list of awesome OSCP resources

CrackMapExec

A swiss army knife for pentesting networks

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

ethical-hacking-tools-python

Python programs & tools built in the Ethical Hacking with Python EBook

evilgophish

evilginx3 + gophish

Freeze

Freeze is a payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods

Go365

An Office365 User Attack Tool

HellHall

Performing Indirect Clean Syscalls

Home-Grown-Red-Team

Ivy

Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.

klezVirus.CyberSec.Blog

CyberSec Blog

legion

Automatic Enumeration Tool based in Open Source tools

Limelighter

A tool for generating fake code signing certificates or signing real ones

LOLBAS---Living-off-the-Land-Binaries

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

lsassy

Extract credentials from lsass remotely

OfficePurge

OSCP-Guided-Material

OSCP Cheat Sheet

Process_Injection_Techniques

A collection of scripts that use process injection with varying complexity

PSBits

Simple (relatively) things allowing you to dig a bit deeper than usual.

pythoncode-tutorials

The Python Code Tutorials

ReconAIzer

A Burp Suite extension to add OpenAI (GPT) on Burp and help you with your Bug Bounty recon to discover endpoints, params, URLs, subdomains and more!

RedTeaming-Tactics-and-Techniques

Red Teaming Tactics and Techniques

ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

SecLists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

Thief-Cat

Powerfull fully undetect Tokens Grabber/Stealer send to webhook discord, Steal: Browsers Passwords/Cookies/CC, Window Info, Wallets, Minecraft, Bypass Firewall/Antivirus, Discord Injection, Chromium Injection JS (Brave,Chrome,OperaGX,Opera,Vivaldi,Edge,yandex).

yetAnotherObfuscator

C# obfuscator that bypass windows defender