vishnuraju

AD-Attack-Defense

Attack and defend active directory using modern post exploitation adversary tradecraft activity

adversary_emulation_library

An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.

awesome-threat-detection

A curated list of awesome threat detection and hunting resources

badPods

A collection of manifests that will create pods with elevated privileges.

Binaries-for-Red-Team

statically linked binary used in Red Team assignments

botb

A container analysis and exploitation tool for pentesters and engineers.

C3

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

cloudgoat

CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool

Enum-LSASS

LSASS enumeration like pypykatz written in C-Lang

express

Fast, unopinionated, minimalist web framework for node.

gitGraber

gitGraber is a tool developed in Python3 to monitor GitHub to search and find sensitive data for different online services such as: Google, Amazon, Paypal, Github, Mailgun, Facebook, Twitter, Heroku, Stripe...

google_dork_list

Google Dorks | Google helps you to find Vulnerable Websites that Indexed in Google Search Results. Here is the latest collection of Google Dorks. A collection of around 10,000 Dorks. Author: Jolanda de Koff

gowitness

🔍 gowitness - a golang, web screenshot utility using Chrome Headless

Handy-Scripts

Scripts that comes handy in dealing with VA and pentest reports

HVNC-Stealer

libprocesshider

Hide a process under Linux using the ld preloader (https://sysdig.com/blog/hiding-linux-processes-for-fun-and-profit/)

MalwareSourceCode

Collection of malware source code for a variety of platforms in an array of different programming languages.

Mapping-Injection

Just another Windows Process Injection

msgpack-c

MessagePack implementation for C and C++ / msgpack.org[C/C++]

PayloadsAllTheThings

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

peirates

Peirates - Kubernetes Penetration Testing tool

protozero

Minimalist protocol buffer decoder and encoder in C++

RedCsharp

Collection of C# projects. Useful for pentesting and redteaming.

Shuriken

Offensive Android Kernel on Steroids - Shuriken is an Android kernel for Oneplus 5/5T which supports multiple features for pentesting.

SILENTTRINITY

A post-exploitation agent powered by Python, IronPython, C#/.NET

stratus-red-team

:cloud: :zap: Granular, Actionable Adversary Emulation for the Cloud

UACME

Defeating Windows User Account Control

UltimateWDACBypassList

A centralized resource for previously documented WDAC bypass techniques

VX-API

Collection of various WINAPI tricks / features used or abused by Malware

VXUG-Papers

Research code & papers from members of vx-underground.