Beast code in Giters

gold1029's starred repositories

AD-Attack-Defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

432700

awesome-cybersecurity-blueteam

:computer:🛡️ A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams.

413700

Scanners-Box

A powerful and open-source toolkit for hackers and security automation - 安全行业从业者自研开源扫描器合辑

809000

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

Language:PythonNOASSERTION367500

Red-Baron

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.

Language:HCLGPL-3.086500

Red-Baron

Automate creating resilient, disposable, secure and agile infrastructure for Red Teams

Language:HCLGPL-3.037000

ptf

The Penetration Testers Framework (PTF) is a way for modular support for up-to-date tools.

Language:Python504300

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

Language:CMIT932400

shiroPoc

Language:Java32200

emergency-response-checklist

应急响应指南 / emergency response checklist

MIT62900

Real-timeDetectionAD_journal

Language:Python2500

spring-boot-actuator-cloud-vul

Spring Boot Actuator + Spring Cloud Vul Env

Language:Java1900

sweetie-data

This repo contains logstash of various honeypots

NOASSERTION17400

CobaltStrike-Toolset

Aggressor Script, Kits, Malleable C2 Profiles, External C2 and so on

Language:PowerShellGPL-3.050100

HideShell

A JSP backdoor that enables under Tomcat hiding arbitrary JSP files, in addition to their access logs.

Language:Java21400

openresty-best-practices

Language:Lua355400

posh-dsc-windows-hardening

Windows OS Hardening with PowerShell DSC

Language:PowerShellGPL-3.026000

iox

Tool for port forwarding & intranet proxy

Language:GoMIT95200

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Language:PythonMIT5817400

gadgetinspector

A byte code analyzer for finding deserialization gadget chains in Java applications

Language:JavaMIT96200

Java-Deserialization-Cheat-Sheet

The cheat sheet about Java Deserialization vulnerabilities

298400

java-object-searcher

java内存对象搜索辅助工具

Language:Java75200

Invoke-DOSfuscation

Cmd.exe Command Obfuscation Generator & Detection Test Harness

Language:PowerShellApache-2.079300

GitMonitor

One way to continuously monitor sensitive information that could be exposed on Github

Language:PythonLGPL-3.017400

Spray

A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)

Language:ShellGPL-3.070700

DeTTECT

Detect Tactics, Techniques & Combat Threats

Language:SCSSGPL-3.0200600

Impost3r

👻Impost3r -- A linux password thief

Language:CMIT60000

Chinese-translation-ATT-CK-framework

ATT&CK 框架图中文翻译版原为安恒奖品，自我二次翻译，修改了一些小的翻译错误问题，自我保存即可

26600

BetterSafetyKatz

Fork of SafetyKatz that dynamically fetches the latest pre-compiled release of Mimikatz directly from gentilkiwi GitHub repo, runtime patches signatures and uses SharpSploit DInvoke to PE-Load into memory.

Language:C#NOASSERTION78600

python_code_audit

python 代码审计项目

Language:Python27300