manuelsommer's starred repositories

PwnFox

PwnFox is a Firefox/Burp extension that provides useful tools for your security audit.

Language: JavaScript · Stargazers: 992 · Issues: 0

docem

A tool to embed XXE and XSS payloads in docx, odt, pptx, xlsx files (oxml_xxe on steroids)

Language: Python · Stargazers: 491 · Issues: 0

smbcrawler

smbcrawler is a no-nonsense tool that takes credentials and a list of hosts and 'crawls' (or 'spiders') through those shares

Language: Python · License: MIT · Stargazers: 141 · Issues: 0

BloodHound

Six Degrees of Domain Admin

Language: Go · License: Apache-2.0 · Stargazers: 915 · Issues: 0

free-API-security-test-action

APIsec|SCAN - Free API security testing using GitHub Actions

Language: Python · Stargazers: 84 · Issues: 0

social-engineer-toolkit

The Social-Engineer Toolkit (SET) repository from TrustedSec - All new versions of SET will be deployed here.

Language: Python · Stargazers: 10501 · Issues: 0

metasploit-cheat-sheet

Metasploit Cheat Sheet 💣

License: MIT · Stargazers: 391 · Issues: 0

365-Stealer

365-Stealer is a phishing simulation tool written in python3. It can be used to execute an Illicit Consent Grant attack.

Language: PHP · License: NOASSERTION · Stargazers: 410 · Issues: 0

GOAD

game of active directory

Language: PowerShell · License: GPL-3.0 · Stargazers: 4688 · Issues: 0

ScubaGear

Automation to assess the state of your M365 tenant against CISA's baselines

Language: Open Policy Agent · License: CC0-1.0 · Stargazers: 1467 · Issues: 0

FarsightAD

PowerShell script that aims to help uncover (eventual) persistence mechanisms deployed by a threat actor following an Active Directory domain compromise

Language: PowerShell · License: CC0-1.0 · Stargazers: 93 · Issues: 0

PersistenceSniper

PowerShell module that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines. Official Twitter/X account @PersistSniper. Made with ❤️ by @last0x00 and @dottor_morte

Language: PowerShell · License: NOASSERTION · Stargazers: 1836 · Issues: 0

oneliner-bugbounty

oneliner commands for bug bounties

Stargazers: 386 · Issues: 0

LFISuite

Totally Automatic LFI Exploiter (+ Reverse Shell) and Scanner

Language: Python · License: GPL-3.0 · Stargazers: 1636 · Issues: 0

liffy

Local file inclusion exploitation tool

Language: Python · License: GPL-3.0 · Stargazers: 742 · Issues: 0

crAPI

completely ridiculous API (crAPI)

Language: Java · License: Apache-2.0 · Stargazers: 1030 · Issues: 0

zora

Zora is an open source solution that helps you achieve compliance with Kubernetes best practices recommended by industry-leading frameworks. By scanning your cluster with multiple plugins, Zora identifies potential issues, misconfigurations, and vulnerabilities.

Language: Go · License: Apache-2.0 · Stargazers: 268 · Issues: 0

SploitScan

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

Language: Python · License: GPL-3.0 · Stargazers: 850 · Issues: 0

webHunt

Web App bug hunting

Stargazers: 541 · Issues: 0

dependencytrack-pywrap

This is a Python wrapper for the Dependency-Track REST API.

Language: Python · License: MIT · Stargazers: 5 · Issues: 0

guac

GUAC aggregates software security metadata into a high fidelity graph database.

Language: Go · License: Apache-2.0 · Stargazers: 1222 · Issues: 0

vuln-list

NVD, Ubuntu, Alpine

Stargazers: 400 · Issues: 0

bbot

A recursive internet scanner for hackers.

Language: Python · License: GPL-3.0 · Stargazers: 4121 · Issues: 0

Dracnmap

Dracnmap is an open source program that is used to exploit the network and gather information with the help of nmap. The nmap command comes with lots of options that can make the utility more robust and difficult to follow for new users. Hence Dracnmap is designed to perform fast scanning using the script engine of nmap, and nmap can perform various automatic scanning techniques with the advanced commands.

Language: Shell · License: GPL-3.0 · Stargazers: 1128 · Issues: 0

BobTheSmuggler

"Bob the Smuggler": A tool that leverages the HTML Smuggling attack and allows you to create HTML files with embedded 7z/zip archives. The tool compresses your binary (EXE/DLL) into 7z/zip file format, then XOR-encrypts the archive and hides it inside a PNG/GIF image file (Image Polyglots).

Language: Python · License: MIT · Stargazers: 469 · Issues: 0

Azure-Sentinel

Cloud-native SIEM for intelligent security analytics for your entire enterprise.

Language: Jupyter Notebook · License: MIT · Stargazers: 4398 · Issues: 0

domscan

Simple tool to scan a website for (DOM-based) XSS vulnerabilities and Open Redirects.

Language: JavaScript · Stargazers: 180 · Issues: 0

reflector

Burp plugin able to find reflected XSS on a page in real time while browsing a site

Language: Java · Stargazers: 1099 · Issues: 0

Findomain

The fastest and complete solution for domain recognition. Supports screenshotting, port scan, HTTP check, data import from other tools, subdomain monitoring, alerts via Discord, Slack and Telegram, multiple API Keys for sources and much more.

Language: Rust · License: GPL-3.0 · Stargazers: 3209 · Issues: 0

Open-Redirect-Payloads

Open Redirect Payloads

Language: Shell · Stargazers: 562 · Issues: 0