r3nt0n

fuzzdb

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

Arjun

HTTP parameter discovery suite.

Rubeus

Trying to tame the three-headed dog.

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

Invoke-Obfuscation

PowerShell Obfuscator

Pwdb-Public

A collection of all the data i could extract from 1 billion leaked credentials from internet.

InfoSec-Black-Friday

All the deals for InfoSec related software/tools this Black Friday

pe_to_shellcode

Converts PE into a shellcode

BypassAV

This map lists the essential techniques to bypass anti-virus and EDR

BadBlood

BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world. After BadBlood is ran on a domain, security analysts and engineers can practice using tools to gain an understanding and prescribe to securing Active Directory. Each time this tool runs, it produces different results. The domain, users, groups, computers and permissions are different. Every. Single. Time.

inceptor

Template-Driven AV/EDR Evasion Framework

writehat

A pentest reporting tool written in Python. Free yourself from Microsoft Word.

redteam-research

Collection of PoC and offensive techniques used by the BlackArrow Red Team

Tokenvator

A tool to elevate privilege with Windows Tokens

ldapnomnom

Quietly and anonymously bruteforce Active Directory usernames at insane speeds from Domain Controllers by (ab)using LDAP Ping requests (cLDAP)

phishing-frenzy

Ruby on Rails Phishing Framework

PowerShell-Obfuscation-Bible

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.

impacket_static_binaries

Standalone binaries for Linux/Windows of Impacket's examples

rbndr

Simple DNS Rebinding Service

php_filter_chain_generator

awesome_windows_logical_bugs

collect for learning cases

GC2-sheet

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

phishing-frenzy-templates

Phishing Scenarios Used for Phishing Frenzy

bluetooth-hacking-

This repository contains scripts in python from discovering bluetooth to taking over the bluetooth connections.

nmap-static-binaries

pentest_teamcity

Pentest TeamCity using Metasploit

CrackingWordLists

Recopilación de Reglas y Diccionarios para Password Cracking

EvilPortalGenerator

Script to create custom Evil Portals using the Wifi Pineapple 🍍😈

Pineapple-wifi-portals

wifi pineapple portals for wifi autentication

pineapple-azure-portal

based on google portal in https://github.com/kleo/evilportals/tree/master/portals