onSec-fr

followers

following

stars

Antoine.L's starred repositories

go-ftw

Web Application Firewall Testing Framework - Go version

Language:GoApache-2.09800

waf-comparison-project

Testing datasets and tools to compare WAF efficacy

Language:PythonApache-2.011900

Awesome-WAF

🔥 Web-application firewalls (WAFs) from security standpoint.

Language:PythonApache-2.0600200

keyhacks

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

Invoke-RunAsWithCert

A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.

Language:PowerShell8600

EvilGithubIssue

I will update it soon for now. Abuse Github issue comment attachment to use GitHub as a stealthy C2

Language:Python100

NetExec

The Network Execution Tool

Language:PythonBSD-2-Clause243800

RToolZ

A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.

Language:C30100

pentestkit

OWASP PTK - application security browser extension.

Language:JavaScriptAGPL-3.011600

Mobile-Security-Framework-MobSF

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

Language:JavaScriptGPL-3.01653200

caldera

Automated Adversary Emulation Platform

Language:PythonApache-2.0527500

Awesome-GPT-Agents

A curated list of GPT agents for cybersecurity

Apache-2.0489300

ADCSKiller

An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer

Language:PythonMIT68300

Free-Certifications

A curated list of free courses & certifications.

MIT2198900

myph

shellcode loader for your evasion needs

Language:GoGPL-3.022900

tlsx

Fast and configurable TLS grabber focused on TLS based data collection.

Language:GoMIT80400

FullBypass

A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to DM if you find some bugs :)

Language:C#GPL-3.058600

psgetsystem

getsystem via parent process using ps1 & embeded c#

Language:PowerShell34800

SharpHound

C# Data Collector for BloodHound

Language:C#GPL-3.063700

WinPwn

Automation for internal Windows Penetrationtest / AD-Security

Language:PowerShellBSD-3-Clause321400

PowerSharpPack

Language:PowerShell143400

SOAPHound

SOAPHound is a custom-developed .NET data collector tool which can be used to enumerate Active Directory environments via the Active Directory Web Services (ADWS) protocol.

Language:C#GPL-3.058300

ExeToPosh

Extract PowerShell scripts from an Executable

Language:C#600

Snaffler

a tool for pentesters to help find delicious candy, by @l0ss and @Sh3r4 ( Twitter: @/mikeloss and @/sh3r4_hax )

Language:C#GPL-3.0187400

smbmap

SMBMap is a handy SMB enumeration tool

Language:PythonGPL-3.0170800

SafetyKatz

SafetyKatz is a combination of slightly modified version of @gentilkiwi's Mimikatz project and @subtee's .NET PE Loader

Language:C#NOASSERTION117400

WMIHACKER

A Bypass Anti-virus Software Lateral Movement Command Execution Tool

Language:VBScriptApache-2.0135300

arsenal

Arsenal is just a quick inventory and launcher for hacking programs

Language:PythonGPL-3.0302600

SploitScan

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

Language:PythonGPL-3.078900

SharpWeb

.NET 2.0 CLR project to retrieve saved browser credentials from Google Chrome, Mozilla Firefox and Microsoft Internet Explorer/Edge.

Language:C#49900