melons135

neo-ConfuserEx

Updated ConfuserEX, an open-source, free obfuscator for .NET applications

Talon

A password guessing tool that targets the Kerberos and LDAP services within the Windows Active Directory environment.

traitor

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

caldera

Automated Adversary Emulation Platform

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

lpeworkshop

Windows / Linux Local Privilege Escalation Workshop

API-SecurityEmpire

API Security Project aims to present unique attack & defense methods in API Security field

black

The uncompromising Python code formatter

MicroBurst

A collection of scripts for assessing Microsoft Azure security

sherlock

Hunt down social media accounts by username across social networks

cheatsheet.github.io

community-scripts

A collection of ZAP scripts and tips provided by the community - pull requests very welcome!

awesome-linux-rootkits

awesome-linux-rootkits

malware-gems

A not so awesome list of malware gems for aspiring malware analysts

openvas-scanner

This repository contains the scanner component for Greenbone Community Edition.

NimShellCodeLoader

免杀，bypassav，免杀框架，nim，shellcode，使用nim编写的shellcode加载器

awesome-cloud-security

🛡️ Awesome Cloud Security Resources ⚔️

NimScan

🚀 Fast Port Scanner 🚀

NimPackt-v1

Nim-based assembly packer and shellcode loader for opsec & profit

EXOCET-AV-Evasion

EXOCET - AV-evading, undetectable, payload delivery tool

Sparrow

Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.

pingcastle

PingCastle - Get Active Directory Security at 80% in 20% of the time

ScoutSuite

Multi-Cloud Security Auditing Tool

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

ThreadStackSpoofer

Thread Stack Spoofing - PoC for an advanced In-Memory evasion technique allowing to better hide injected shellcode's memory allocation from scanners and analysts.

DNS-Fender

A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.

malicious-pdf

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

blackhat-python3

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.

awesome-android-security

A curated list of Android Security materials and resources For Pentesters and Bug Hunters

SysmonSimulator

Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.