vodkanaut

CVE-2023-23397

Simple PoC in PowerShell for CVE-2023-23397

CrackMapExec

A swiss army knife for pentesting networks

DNSStager

Hide your payload in DNS

eaphammer

Targeted evil twin attacks against WPA2-Enterprise networks. Indirect wireless pivots using hostile portal attacks.

flipperzero-bruteforce

Brute force subghz fixed codes using flipper zero

getting-started-k8s

Code and YAML files for Getting Started with Kubernetes video course on Pluralsight

iSniff-GPS

Passive sniffing tool for capturing and visualising WiFi location data disclosed by iOS devices

LinEnum

Scripted Local Linux Enumeration & Privilege Escalation Checks

linux-exploit-suggester

Linux privilege escalation auditing tool

LOLBAS

Living Off The Land Binaries And Scripts - (LOLBins and LOLScripts)

MailSniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

MicroBurst

A collection of scripts for assessing Microsoft Azure security

mona

Corelan Repository for mona.py

nzyme

Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.

PowerHunt

PowerHunt is a modular threat hunting framework written in PowerShell that leverages PowerShell Remoting for data collection on scale.

PowerHuntShares

PowerHuntShares is an audit script designed in inventory, analyze, and report excessive privileges configured on Active Directory domains.

pwncat

Fancy reverse and bind shell handler

pypykatz

Mimikatz implementation in pure Python

remoteInjector

Inject remote template link into word document for remote template injection

Rubeus

Trying to tame the three-headed dog.

SDRPlusPlus

Cross-Platform SDR Software

Seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

sherlock

🔎 Hunt down social media accounts by username across social networks

smbeagle

SMBeagle - Fileshare auditing tool.

test-attack-bridge

trufflehog

Find credentials all over the place

wifi-pentesting-guide

WiFi Penetration Testing Guide

WiFiChallengeLab-docker

Virtualized WiFi pentesting laboratory without the need for physical WiFi cards, using mac80211_hwsim. Docker version of WiFiChallenge Lab with modifications in the challenges and improved stability. Ubuntu virtual machine with virtualized networks and clients to perform WiFi attacks on OPN, WPA2, WPA3 and Enterprise networks.

windapsearch

Python script to enumerate users, groups and computers from a Windows domain through LDAP queries

wsgidav

A generic and extendable WebDAV server based on WSGI