Trending repositories for topic offensive-security
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
Automated NoSQL database enumeration and web application exploitation tool.
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
Awesome list of keywords and artifacts for Threat Hunting sessions
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
Yet another tool to dump a git repository from a website, focused on as-complete-as-possible dumps and handling weird edge-cases.
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
Awesome list of keywords and artifacts for Threat Hunting sessions
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
Leaked pentesting manuals given to Conti ransomware crooks
Automated NoSQL database enumeration and web application exploitation tool.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
Automated NoSQL database enumeration and web application exploitation tool.
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
A swiss army Knife for Penetration testing Networks and Active Directory.
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.
is a tool to find as much information as possible on Instagram accounts, such as username, full username, post target, account type, number of followers, number of followings and so on.
A swiss army Knife for Penetration testing Networks and Active Directory.
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, a...
Study guide and command sheet for Offensive Security PEN-210 course (Offensive Security Wireless Pentester - OSWP)
is a tool to find as much information as possible on Instagram accounts, such as username, full username, post target, account type, number of followers, number of followings and so on.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Threadless Module Stomping In Rust with some features (In memory of those murdered in the Nova party massacre)
This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, a...
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
Automated NoSQL database enumeration and web application exploitation tool.
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, a...
A swiss army Knife for Penetration testing Networks and Active Directory.
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
yara detection rules for hunting with the threathunting-keywords project
CTF challenges designed and implemented in machine learning applications
is a tool to find as much information as possible on Instagram accounts, such as username, full username, post target, account type, number of followers, number of followings and so on.
Hack The Box CPTS, CBBH Exam and Lab Reporting / Note-Taking Tool
My OSWE Pre-preperation (i.e. before acutally buying the course) phase plan and notes!
PIP-INTEL is an OSINT (Open Source Intelligence) tool designed using various open-source tools and pip packages.
Learn how to set up a fake authentication web page on a fake WiFi network.
Study guide and command sheet for Offensive Security PEN-210 course (Offensive Security Wireless Pentester - OSWP)
This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.
Awesome list of keywords and artifacts for Threat Hunting sessions
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
PIP-INTEL is an OSINT (Open Source Intelligence) tool designed using various open-source tools and pip packages.
The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cl...
MSSprinkler is a password spraying utility for organizations to test their Microsoft Online accounts from an external perspective. It employs a 'low-and-slow' approach to avoid locking out accounts, a...
This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
Weaponizing the Linux Kernel (Hide Files/PID, SSH backdoors, SSL Sniffer, ...) by poking around eBPF/XDP
An open-source user mode debugger for Windows. Optimized for reverse engineering and malware analysis.
An advanced, yet simple, tunneling/pivoting tool that uses a TUN interface.
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️
Applied offensive security with Rust - https://kerkour.com/black-hat-rust
Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
:orange_book: Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report
Villain is a high level stage 0/1 C2 framework that can handle multiple reverse TCP & HoaxShell-based shells, enhance their functionality with additional features (commands, utilities) and share them ...
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Offensive security drives defensive security. We're sharing a collection of SaaS attack techniques to help defenders understand the threats they face. #nolockdown
Get Keyboard,Mouse,ScreenShot,Microphone Inputs from Target Computer and Send to your Mail.
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educatio...
Automated NoSQL database enumeration and web application exploitation tool.
Offensive Security OSCP, OSWP, OSEP, OSWA, OSWE, OSED, OSMR, OSEE, OSDA Exam and Lab Reporting / Note-Taking Tool
Awesome list of keywords and artifacts for Threat Hunting sessions
🦀 | RustRedOps is a repository for advanced Red Team techniques and offensive malware, focused on Rust
Practical resources for offensive CI/CD security research. Curated the best resources I've seen since 2021.
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless AMSI and ETW bypass features. with Dual-build support
yara detection rules for hunting with the threathunting-keywords project
LSASS memory dumper using only NTAPIs, creating a minimal minidump, built in Rust with no_std and independent of the C runtime (CRT). It can be compiled as shellcode (PIC), supports XOR encryption, an...
Hack The Box CPTS, CBBH Exam and Lab Reporting / Note-Taking Tool
This is the combination of multiple evasion techniques to evade defenses. (Dirty Vanity)
Unorthodox and stealthy way to inject a DLL into the explorer using icons
Some Rust program I wrote while learning Malware Development
Study guide and command sheet for Offensive Security PEN-210 course (Offensive Security Wireless Pentester - OSWP)
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
A solution to create obfuscated reverse shells for PowerShell.
CTF challenges designed and implemented in machine learning applications
Collection of (4000+) malicious rMQR Codes for Penetration testing, Vulnerability assessments, Red Team operations, Bug Bounty and more
is a tool to find as much information as possible on Instagram accounts, such as username, full username, post target, account type, number of followers, number of followings and so on.
This repo contains my own Ducky/BadUSB scripts, related PowerShell scripts and other Flipper Zero related stuff.