henshin

LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

rough-auditing-tool-for-security

Automatically exported from code.google.com/p/rough-auditing-tool-for-security

mimiDbg

PowerShell oneliner to retrieve wdigest passwords from the memory

static-binaries

Various *nix tools built as statically-linked binaries

netelf

Run executables from memory, over the network, on Windows, Linux, OpenVMS... routers... spaceships... toasters etc.

subtee-gist-mirror

few months old but better than nothing

c-sharp-memory-injection

A set of scripts that demonstrate how to perform memory injection in C#

Internal-Monologue

Internal Monologue Attack: Retrieving NTLM Hashes without Touching LSASS

Tokenvator

A tool to elevate privilege with Windows Tokens

lpeworkshop

Windows / Linux Local Privilege Escalation Workshop

openvpn-install

OpenVPN road warrior installer for Ubuntu, Debian, AlmaLinux, Rocky Linux, CentOS and Fedora

PRET

Printer Exploitation Toolkit - The tool that made dumpster diving obsolete.

ProcMonX

Extended Process Monitor-like tool based on Event Tracing for Windows

dnSpy

.NET debugger and assembly editor

visual-studio-projects

Holds all simple Visual Studio programs that I've created over the years.

PowerUpSQL

PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server

DomainFrontingLists

A list of Domain Frontable Domains by CDN

john

John the Ripper jumbo - advanced offline password cracker, which supports hundreds of hash and cipher types, and runs on many operating systems, CPUs, GPUs, and even some FPGAs

teh_s3_bucketeers

Invoke-PSImage

Encodes a PowerShell script in the pixels of a PNG file and generates a oneliner to execute

Cr3dOv3r

Know the dangers of credential reuse attacks.

atomic-red-team

Small and highly portable detection tests based on MITRE's ATT&CK.

UltimateAppLockerByPassList

The goal of this repository is to document the most common techniques to bypass AppLocker.

awesome-osint

:scream: A curated list of amazingly awesome OSINT

marshalsec

evilarc

Create tar/zip archives that can exploit directory traversal vulnerabilities

cameradar

Cameradar hacks its way into RTSP videosurveillance cameras

BaRMIe

Java RMI enumeration and attack tool.

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF