jr69ss

ItWasAllADream

A PrintNightmare (CVE-2021-34527) Python Scanner. Scan entire subnets for hosts vulnerable to the PrintNightmare RCE

PatrowlHears

PatrowlHears - Vulnerability Intelligence Center / Exploits

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

ProxyLogon

reconftw

reconFTW is a tool designed to perform automated recon on a target domain by running the best set of tools to perform scanning and finding out vulnerabilities

ail-framework

AIL framework - Analysis Information Leak framework

awesome-osint

:scream: A curated list of amazingly awesome OSINT

BlueCloud

Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D. Azure and AWS terraform support.

centreon

Centreon is a network, system and application monitoring tool. Centreon is the only AIOps Platform Providing Holistic Visibility to Complex IT Workflows from Cloud to Edge.

CheeseTools

Self-developed tools for Lateral Movement/Code Execution

CVE-2021-1675

C# and Impacket implementation of CVE-2021-1675/PrintNightmare

CVE-2021-1676

Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)

CyberBattleSim

An experimentation and research platform to investigate the interaction of automated agents in an abstract simulated network environments.

donut

Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters

GVM-Docker

A Docker Image For Greenbone Vulnerability Management with OpenVAS

hashtopolis

A Hashcat wrapper for distributed hashcracking

ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. You can test this project out here: http://ioc-finder.hightower.space .

merlin

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.

merlin-agent

mimikatz

A little tool to play with Windows security

Nebula

Cloud C2 Framework, which at the moment offers reconnaissance, enumeration, exploitation, post exploitation on AWS, but still working to allow testing other Cloud Providers and DevOps Components.

nlist

An nmap script to produce target lists for use with various tools.

OffensiveNim

My experiments in weaponizing Nim (https://nim-lang.org/)

PrivescCheck

Privilege Escalation Enumeration Script for Windows

pupy

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

reconmap

VAPT (vulnerability assessment and penetration testing) automation and reporting platform.

ScareCrow

ScareCrow - Payload creation framework designed around EDR bypass.

twint

An advanced Twitter scraping & OSINT tool written in Python that doesn't use Twitter's API, allowing you to scrape a user's followers, following, Tweets and more while evading most API limitations.

vcpkg

C++ Library Manager for Windows, Linux, and MacOS

yara

The pattern matching swiss knife