Zubin's repositories
AFLplusplus
The fuzzer afl++ is afl with community patches, qemu 5.1 upgrade, collision-free coverage, enhanced laf-intel & redqueen, AFLfast++ power schedules, MOpt mutators, unicorn_mode, and a lot more!
big-list-of-naughty-strings
The Big List of Naughty Strings is a list of strings which have a high probability of causing issues when used as user-input data.
Chameleon
Chameleon: A tool for evading Proxy categorisation
country-ip-blocks
CIDR country-level IP data, straight from the Regional Internet Registries, updated hourly.
cwe_checker
cwe_checker finds vulnerable patterns in binary executables
DefaultCreds-cheat-sheet
One place for all the default credentials, to assist Blue/Red teamers' activities in finding devices with default passwords 🛡️
DInvoke
Dynamically invoke arbitrary unmanaged code from managed code without PInvoke.
domato
DOM fuzzer
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
FACT_core
Firmware Analysis and Comparison Tool
ffuf
Fast web fuzzer written in Go
find-sec-bugs
The SpotBugs plugin for security audits of Java web applications and Android applications. (Also works with Kotlin, Groovy and Scala projects)
FindFrontableDomains
Search for potential frontable domains
fuzzilli
A JavaScript Engine Fuzzer
impacket
Impacket is a collection of Python classes for working with network protocols.
Jackalope
Binary, coverage-guided fuzzer for Windows and macOS
masscan
TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.
NetLoader
Loads any C# binary in mem, patching AMSI + ETW.
nmap-bootstrap-xsl
An Nmap XSL implementation with Bootstrap.
o365-attack-toolkit
A toolkit to attack Office365
PayloadsAllTheThings
A list of useful payloads and bypasses for Web Application Security and Pentest/CTF
Red-Team-Infrastructure-Wiki
Wiki to collect Red Team infrastructure hardening resources
rengine
reNgine is an automated reconnaissance framework meant for information gathering during penetration testing of web applications. reNgine has customizable scan engines, which can be used to scan the websites, endpoints, and gather information.
ScareCrow
ScareCrow - Payload creation framework designed around EDR bypass.
sliver
Adversary Emulation Framework
spiderfoot
SpiderFoot automates OSINT collection so that you can focus on analysis.
tls-scan
An Internet-scale, blazing fast SSL/TLS scanner (non-blocking, event-driven)
trufflehog
Find credentials all over the place
winafl
A fork of AFL for fuzzing Windows binaries
zmap
ZMap is a fast single packet network scanner designed for Internet-wide network surveys.