There are 2 repositories under offensivesecurity topic.
OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
WiFi Penetration Testing Guide
Discover new target domains using Content Security Policy
A Burp extension generates dynamic payloads to uncover injection flaws (LFI, RCE, SQLi), creates user access tables to identify authentication and authorization issues, attempts to bypass HTTP 403 access restrictions, and converts HTTP requests as JavaScript code for enhanced XSS exploitation.
Python tool for phishing
The Most Advanced Client-Side Prototype Pollution Scanner
Red Team tools weaponized
Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.
SQLMutant is a comprehensive SQL injection testing tool that provides several features to test for SQL injection vulnerabilities in web applications, uses various techniques to detect vulnerabilities, including pattern matching, error analysis, and timing attacks. The integration of Waybackurls and Arjun allows the tool to find additional
Defense Evasion Techniques Repository. This repository contains a collection of techniques designed to bypass Endpoint Detection and Response (EDR) and Extended Detection and Response (XDR) systems.
Python tools for networking
C2 and Post Exploitation Code
fsociety is a penetration toolkit inspired from MR. ROBOT
A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard
Our repo for crushing through RTO course & labs.
Security testing tool to proactively assess cloud security by executing a comprehensive array of attack techniques across multiple surfaces via a simple web interface.
urlyzer is a URL parsing analysis tool.
Vulnserver exploits
My experiments in weaponizing ONOS applications (https://github.com/opennetworkinglab/onos)
🏴☠️ BST is an ever-evolving collection of 🛠 tools to help in security and administration tasks 😉
FConnch is a fast bulk subdomain availability checker
ChatGPT terminal assistant with a good memory to be used in ethical hacking, offensive cybersecurity and red teaming. **Warning:** These scripts are for training purposes to accompany a training course. Do not use on real applications without explicit permissions.
The purpose of this project is to scale the use of your software on the Cloud. Dynamically create a temporary infrastructure to accommodate your Shellcodes, Scans, Docker images collecting the results to a centralized DB. The platform distributes the command execution to the servers from a variety of regions, not raising flags about targeted attacks and requests that cannot be backtracked. After that, it destroys the infrastructure and a report is generated on the platform.
OffSec Certified Professional Certification (OSCP).
Mapping MITRE attacks to AI for learning attack behaviors and normal behavior.
An alpha-numeric subtraction encoder used for restrictive character set exploits.
Security Mindset Blog