Beast code in Giters

gerimisc's starred repositories

http-garden

Differential testing and fuzzing of HTTP servers and proxies

Language:PythonGPL-3.067200

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

Language:C#NOASSERTION225100

adeleg

Active Directory delegation management tool

Language:Rust27200

HExHTTP

Header Exploitation HTTP

Language:PythonMIT10800

GOAD

game of active directory

Language:PowerShellGPL-3.0484500

reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Language:HTMLGPL-3.0730200

NetblockTool

Find netblocks owned by a company

Language:PythonNOASSERTION33000

linWinPwn

linWinPwn is a bash script that streamlines the use of a number of Active Directory tools

Language:ShellMIT178100

ADOKit

Azure DevOps Services Attack Toolkit

Language:C#Apache-2.011800

smugglefuzz

A rapid HTTP downgrade smuggling scanner written in Go.

Language:GoMIT24100

awesome-policy-as-code

A curated list of policy-as-code resources like blogs, videos, and tools to practice on for learning Policy-as-Code.

CC0-1.017600

AutoRecon

AutoRecon is a multi-threaded network reconnaissance tool which performs automated enumeration of services.

Language:PythonGPL-3.0500400

my-arsenal-of-aws-security-tools

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Language:ShellApache-2.0885200

pacu

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Language:PythonBSD-3-Clause425300

Red-Teaming-Toolkit

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

GPL-3.0889000

HazProne

HazProne is a Cloud Pentesting Framework that emulates close to Real-World Scenarios by deploying Vulnerable-By-Demand AWS resources enabling you to pentest Vulnerabilities within, and hence, gain a better understanding of what could go wrong and why!!

Language:HCLBSD-3-Clause3900

apk-mitm

🤖 A CLI application that automatically prepares Android APK files for HTTPS inspection

Language:TypeScriptMIT369600

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Language:PythonBSD-3-Clause285200

aws_cpt

AWS Cloud Pentest Utility - Helper scripts for a quicker Cloud PT on AWS environments

Language:Python300

PurplePanda

Identify privilege escalation paths within and across different clouds

Language:PythonNOASSERTION65300

Mindmaps

Azure mindmap for penetration tests

GPL-3.015400

IntelRAGU

Intel Retrieval Augmented Generation (RAG) Utilities

Language:Jupyter Notebook8600

RedTeam-Tools

Tools and Techniques for Red Team / Penetration Testing

570400

jsoncrack.com

✨ Innovative and open-source visualization application that transforms various data formats, such as JSON, YAML, XML, CSV and more, into interactive graphs.

Language:TypeScriptNOASSERTION2923700

faction

Pen Test Report Generation and Assessment Collaboration

Language:JavaScriptGPL-2.040300

vulhub

Pre-Built Vulnerable Environments Based on Docker-Compose

Language:DockerfileMIT1729300

SECurityTr8Ker

SECurityTr8Ker monitors the SEC's RSS feed for 8-K filings with cybersecurity incident disclosures.

Language:Python5100

DonPAPI

Dumping DPAPI credz remotely

Language:PythonGPL-3.092400

AFL

american fuzzy lop - a security-oriented fuzzer

Language:CApache-2.0353800

gerimisc