4-day current streak·9-day longest streak
-
OSCP ★ PINNED
OSCP Cheat Sheet
PowerShell ★ 3.8k 2d agoExplain → -
Red-Team-Playbooks ★ PINNED
This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.
PowerShell ★ 432 3d agoExplain → -
Awesome-Cybersecurity-Handbooks ★ PINNED
A huge chunk of my personal notes since I started playing CTFs and working as a Red Teamer.
★ 3.8k 2d agoExplain → -
CTF-Notes ★ PINNED ⑂
From Zero To Hero
Shell ★ 39 2mo agoExplain → -
Zig-Loader ★ PINNED
A proof-of-concept shellcode loader demonstrating advanced evasion techniques for security research.
Zig ★ 5 5mo agoExplain → -
Cybersecurity-Book-Recommendations ★ PINNED
This repository is about books I recommend in terms of cybersecurity.
★ 14 9d agoExplain → -
vx-underground-wordlist
Wordlist to crack .zip-file password
★ 203 4y agoExplain → -
Cybersecurity-Glossary
A summary of the most abbreviations I encountered so far
★ 30 21h agoExplain → -
Red-Team-Field-Guide
Field guide to gather low-hanging fruits
★ 14 1y agoExplain → -
OSCP-Note-Vault
Obsidian Vault for note taking during the OSCP exam.
★ 10 1y agoExplain → -
InfoScraper
Python implementation of two famous JavaScript payloads for Bug Bounty.
Python ★ 8 3mo agoExplain → -
0xsyr0
No description.
★ 7 3mo agoExplain → -
Audit-Checklists
A collection of self-contained, offline security audit checklists for penetration testers and red teamers. Each checklist covers a distinct target environment with ordered checks, ready-to-run commands, and built-in tooling support.
HTML ★ 6 3mo agoExplain → -
Log4Shell
This repository contains all gathered resources we used during our Incident Reponse on CVE-2021-44228 and CVE-2021-45046 aka Log4Shell.
★ 6 1y agoExplain → -
Obsidian-Snippets
Obsidian snippets for generating engagements reports
★ 5 1y agoExplain → -
Cheatsheets ⑂
A list of Cheatsheet compiled by CloudBreach Team
★ 5 21d agoExplain → -
atomic-red-team ⑂
Small and highly portable detection tests based on MITRE's ATT&CK.
C ★ 5 1y agoExplain → -
syshell
Protected web shell for offensive security purposes.
PHP ★ 4 11mo agoExplain → -
Bobber ⑂
Bounces when a fish bites - Evilginx database monitoring with exfiltration automation
Python ★ 4 9mo agoExplain → -
Security-Awareness-Calculator
Security awareness tooling demonstrating VSCode extension abuse, reverse shell delivery, and Firefox session cookie theft — for authorised penetration testing and internal security awareness demonstrations only.
Python ★ 3 1mo agoExplain → -
nuclei-templates
A collection of useful nuclei templates
★ 3 1y agoExplain → -
sliver ⑂
Adversary Emulation Framework
Go ★ 3 5mo agoExplain → -
Red-Teaming-Toolkit ⑂
This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.
★ 3 1y agoExplain → -
AI-Exploit-Forge-Collection
A curated collection of AI-assisted exploit scripts developed during penetration testing engagements, red team operations, and CTF competitions.
Python ★ 2 2mo agoExplain → -
AI-Arsenal
A curated collection of AI-assisted scripts for offensive security operations, penetration testing, and red team engagements.
Python ★ 2 3mo agoExplain → -
pytroj
This repository contains files for the Python programming series of Alh4zr3d on YouTube.
Python ★ 2 3y agoExplain → -
bindshell
bindshell project for understanding purposes
C ★ 2 1y agoExplain → -
APTs-Adversary-Simulation ⑂
This repository contains detailed adversary simulation APT campaigns targeting various critical sectors. Each simulation includes custom tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and other malicious artifacts that mirror those used in real world attacks .
★ 2 5mo agoExplain → -
GoRedOps ⑂
🦫 | GoRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Go programming language, all is made for educational purpoeses only.
★ 2 1y agoExplain → -
Empire ⑂
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
PowerShell ★ 2 5mo agoExplain → -
Havoc ⑂
The Havoc Framework
Go ★ 2 5mo agoExplain → -
thc-tips-tricks-hacks-cheat-sheet ⑂
Various tips & tricks
Shell ★ 2 1y agoExplain → -
phishing-templates ⑂
Over 50 of The Most Deceptive Phishing Templates, Pages & Links for GoPhish!
★ 2 2y agoExplain → -
OffensiveNim ⑂
My experiments in weaponizing Nim (https://nim-lang.org/)
Nim ★ 2 9mo agoExplain → -
RustRedOps ⑂
🦀 | RustRedOps is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust programming language. (In Construction)
Rust ★ 2 9mo agoExplain → -
GadgetToJScript ⑂
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
★ 2 5y agoExplain → -
PowerSploit ⑂
PowerSploit - A PowerShell Post-Exploitation Framework
★ 2 5y agoExplain → -
sliver-gui ⑂
A desktop operator console for Sliver C2, built with Wails. Provides a native, lightweight GUI interface for Sliver by directly interfacing with its gRPC service no proxies or protocol reimplementations required.
★ 1 2d agoExplain → -
0xsyr0.github.io
A dark-themed minimalistic static site for cybersecurity professionals, built for GitHub Pages.
HTML ★ 1 3mo agoExplain → -
Havoc-C2-SSRF-RCE-Exploit
Merged exploit to abuse SSRF for delivering RCE through websockets.
Python ★ 1 1y agoExplain → -
Mythic_NimSyscallPacker_Wrapper ⑂
Mythic C2 wrapper for NimSyscallPacker
★ 1 1y agoExplain → -
CF-Hero ⑂
CF-Hero is a reconnaissance tool that uses multiple data sources to discover the origin IP addresses of Cloudflare-protected web applications
★ 1 1y agoExplain → -
GroupPolicyBackdoor ⑂
Group Policy Objects manipulation and exploitation framework
★ 1 7mo agoExplain → -
Claude-Red ⑂
claude-red is a curated library of offensive security skills designed for the Claude skills system. Each skill is a structured SKILL.md file that primes Claude with expert-level methodology for a specific attack surface — from SQLi to shellcode, EDR evasion to exploit development.
★ 1 2mo agoExplain → -
Kassandra ⑂
Kassandra is a custom Mythic C2 agent written in Rust, containerized via a Python-based builder
★ 1 4mo agoExplain → -
claude-code-backdoor ⑂
Backdooring Claude Code via hooks in settings.json. Authorized use only!
★ 1 2mo agoExplain → -
GraphSpy ⑂
Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI
★ 1 6mo agoExplain → -
ROADtools ⑂
A collection of Azure AD/Entra tools for offensive and defensive security purposes
★ 1 5mo agoExplain → -
pentagi ⑂
✨ Fully autonomous AI Agents system capable of performing complex penetration testing tasks
★ 1 3mo agoExplain → -
armory-rs ⑂
Rusty Armory - Beacon Object Files (BOFs) in Rust (Codename: Armory)
★ 1 3mo agoExplain → -
RTLC2 ⑂
No description.
★ 1 4mo agoExplain → -
ClickOnceBlobber ⑂
No description.
★ 1 4mo agoExplain → -
OptixGate ⑂
Open-source multi-purpose remote access tool for Microsoft Windows
Pascal ★ 1 5mo agoExplain → -
Black-Hat-Zig ⑂
This project provides some code examples of Zig for malwares, hacking, and red teaming.
Zig ★ 1 5mo agoExplain → -
Ransomware ⑂
No description.
Python ★ 1 5mo agoExplain → -
ZigStrike ⑂
ZigStrike, a powerful Payload Delivery Pipeline developed in Zig, offering a variety of injection techniques and anti-sandbox features.
Zig ★ 1 5mo agoExplain → -
FindMeAccess ⑂
No description.
Python ★ 1 5mo agoExplain → -
evilginx2 ⑂
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Go ★ 1 5mo agoExplain → -
gophish ⑂
Open-Source Phishing Toolkit
Go ★ 1 1y agoExplain → -
Terms-of-What ⑂
Terms of Use Conditional Access M365 Evilginx Phishlet
★ 1 1y agoExplain → -
Ankou ⑂
A flexible, AI powered C2 framework built with operators in mind
★ 1 7mo agoExplain → -
Nimhawk ⑂
A powerful, modular, lightweight and efficient command & control framework written in Nim.
★ 1 8mo agoExplain → -
dittobytes ⑂
Metamorphic cross-compilation of C++ & C-code to PIC, BOF & EXE.
C++ ★ 1 9mo agoExplain → -
peeko ⑂
peeko – Browser-based XSS C2 for stealthy internal network exploration via infected browser.
HTML ★ 1 9mo agoExplain → -
PowerSharpPack ⑂
No description.
PowerShell ★ 1 9mo agoExplain → -
sliver-cheatsheet ⑂
Sliver CheatSheet for OSEP
★ 1 1y agoExplain → -
PackMyPayload ⑂
A PoC that packages payloads into output containers to evade Mark-of-the-Web flag & demonstrate risks associated with container file formats. Supports: ZIP, 7zip, PDF, ISO, IMG, CAB, VHD, VHDX
★ 1 2y agoExplain → -
Packer_Development ⑂
No description.
C ★ 1 1y agoExplain → -
PowerShellRunner ⑂
PowerShell runner for executing malicious payloads in order to bypass Windows Defender.
PowerShell ★ 1 1y agoExplain → -
PynAuth ⑂
No description.
Python ★ 1 1y agoExplain → -
merlin-agent-dll ⑂
No description.
Go ★ 1 2y agoExplain → -
nim_for_hackers2 ⑂
slides for talk given during uscg 2023 combine
★ 1 2y agoExplain → -
Offensive-C-Sharp ⑂
No description.
★ 1 3y agoExplain → -
OffensiveRust ⑂
Rust Weaponization for Red Team Engagements.
Rust ★ 1 2y agoExplain → -
AM0N-Eye ⑂
No description.
★ 1 3y agoExplain → -
OffensivePipeline ⑂
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
C# ★ 1 2y agoExplain → -
Nimcrypt2 ⑂
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
★ 1 4y agoExplain → -
nishang ⑂
Nishang - Offensive PowerShell for red team, penetration testing and offensive security.
PowerShell ★ 1 2y agoExplain → -
GitBackup
Small Python script to backup available repositories on GitHub within a users profile.
Python ★ 0 3mo agoExplain → -
syro-Theme
A dark-themed minimalistic static site for cybersecurity professionals, built for GitHub Pages.
HTML ★ 0 3mo agoExplain → -
GitLab-Artifact-Downloader
Downloads the latest artifact from a pipeline.
Python ★ 0 3mo agoExplain → -
CustomSharpCollection
No description.
★ 0 2y agoExplain → -
khaos-c2 ⑂
KHAOS is a modern C2 framework that routes agent traffic through cloud services already trusted by enterprise networks.
★ 0 9d agoExplain → -
ArachneC2 ⑂
Decentralized C2 framework built on libp2p
★ 0 28d agoExplain → -
StegoForge ⑂
The ultimate steganography and digital forensics toolkit. Hide and extract data across images, audio, video, documents, and network packets, or run 11 advanced detection engines to uncover hidden payloads.
★ 0 2mo agoExplain → -
RoguePlanet ⑂
RoguePlanet Windows Defender Vulnerability
★ 0 1mo agoExplain → -
AzureRedOps ⑂
Azure RedOps is a offensive security toolkit for assessing the security posture of Microsoft Entra ID
★ 0 1mo agoExplain → -
Diamorphine ⑂
LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x/6.x (x86/x86_64 and ARM64)
★ 0 2mo agoExplain → -
Singularity ⑂
Stealthy Linux Kernel Rootkit for modern kernels (6x)
★ 0 2mo agoExplain → -
OpenPetya ⑂
A Proof-of-Concept bootkit inspired by Petya ransomware, written in Assembly, C, and C++
★ 0 1mo agoExplain → -
Hecate ⑂
A modern alternative Web-UI for the Mythic Command and Control Server
★ 0 1mo agoExplain → -
MiniPlasma ⑂
CVE-2020-17103 was apparently not patched or the patch was reversed, regardless this the PoC for an LPE in cldflt.sys
★ 0 1mo agoExplain → -
UnDefend ⑂
Repository hosting windows defender DOS tool
★ 0 2mo agoExplain → -
BlueHammer ⑂
Repository hosting the bluehammer vulnerability
★ 0 3mo agoExplain → -
RedSun ⑂
The Red Sun vulnerability repository
★ 0 2mo agoExplain → -
GreenPlasma ⑂
GreenPlasma Windows CTFMON Arbitrary Section Creation Elevation of Privileges Vulnerability
★ 0 1mo agoExplain → -
YellowKey ⑂
YellowKey Bitlocker Bypass Vulnerability
★ 0 1mo agoExplain → -
GhostLock ⑂
SMB deny-share handle research tool. Lock files on an enterprise share with zero writes, zero encryption, and zero alerts in any behavioral defense. Standard user. One API call. No CVE.
★ 0 2mo agoExplain → -
promptfoo ⑂
Test your prompts, agents, and RAGs. Red teaming/pentesting/vulnerability scanning for AI. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. Used by OpenAI and Anthropic.
★ 0 3mo agoExplain → -
raptor ⑂
Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents, and skills, and orchestrating security tool usage, we configure the agent for adversarial thinking, and perform research or attack/defense operations.
★ 0 3mo agoExplain → -
InfraGuard ⑂
InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution
★ 0 3mo agoExplain → -
NimDrop ⑂
Automated Nim shellcode stager builder for Sliver C2 - cross-compiles a Windows evasion payload in one command. For authorized red team engagements only.
★ 0 3mo agoExplain → -
redStack ⑂
Boot-to-Breach red team lab on AWS. Mythic, Sliver, and Havoc C2 behind a production-style Apache redirector. Deployed via Terraform, to be used for training/self hosted environments.
★ 0 3mo agoExplain → -
Outpacket ⑂
This cheatsheet maps common impacket workflows to their modern alternatives
★ 0 3mo agoExplain → -
Red-team-Interview-Questions ⑂
Red team Interview Questions
★ 0 1y agoExplain → -
SynthAPT ⑂
Generate malware with AI
★ 0 4mo agoExplain → -
fawkes ⑂
Fawkes is a golang Mythic C2 Agent exclusively written by AI.
★ 0 4mo agoExplain → -
SysWhispers4 ⑂
AV/EDR evasion via direct and indirect system calls Windows NT 3.1 through Windows 11 24H2 · x64 · x86 · WoW64 · ARM64
★ 0 4mo agoExplain → -
azureOutlookC2 ⑂
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
★ 0 3y agoExplain → -
PhishHook ⑂
A modern GoPhish fork with improved tracking accuracy and smarter detection.
★ 0 5mo agoExplain → -
AdaptixC2 ⑂
No description.
C++ ★ 0 5mo agoExplain → -
Mythic ⑂
A collaborative, multi-platform, red teaming framework
JavaScript ★ 0 5mo agoExplain → -
conquest ⑂
Conquest is a feature-rich and malleable command & control/post-exploitation framework developed in Nim.
Nim ★ 0 5mo agoExplain → -
phishingclub ⑂
Self hosted phishing framework
Go ★ 0 5mo agoExplain → -
TeamFiltration ⑂
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
C# ★ 0 5mo agoExplain → -
SuperMega ⑂
Stealthily inject shellcode into an executable
Python ★ 0 5mo agoExplain → -
TokenTacticsV2 ⑂
A fork of the great TokenTactics with support for CAE and token endpoint v2
PowerShell ★ 0 5mo agoExplain → -
merlin ⑂
Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
Go ★ 0 5mo agoExplain → -
Azure-Red-Team ⑂
Azure Security Resources and Notes
PowerShell ★ 0 5mo agoExplain → -
PKINITtools ⑂
Tools for Kerberos PKINIT and relaying to AD CS
Python ★ 0 5mo agoExplain → -
venom ⑂
Venom C2 is a dependency‑free Python3 Command & Control framework for redteam persistence
★ 0 8mo agoExplain → -
svg_payload ⑂
reverse engineered and reimplemented from an example in the wild. bypasses proofpoint and EDRs
★ 0 1y agoExplain → -
Sickle ⑂
Payload Development Framework
★ 0 8mo agoExplain → -
Hannibal ⑂
A Mythic Agent written in PIC C.
C ★ 0 9mo agoExplain → -
OffensiveCpp ⑂
This repo contains C/C++ snippets that can be handy in specific offensive scenarios.
C++ ★ 0 9mo agoExplain → -
BOAZ_beta ⑂
Multilayered AV/EDR Evasion Framework
C++ ★ 0 9mo agoExplain → -
Loki ⑂
🧙♂️ Node JS C2 for backdooring vulnerable Electron applications
JavaScript ★ 0 9mo agoExplain → -
ScareCrow ⑂
ScareCrow - Payload creation framework designed around EDR bypass.
★ 0 3y agoExplain → -
CharmingKitten ⑂
Exposing CharmingKitten's malicious activity for IRGC-IO devision Counterintelligence devision (1500)
★ 0 9mo agoExplain → -
evilgophish ⑂
evilginx3 + gophish
★ 0 2y agoExplain → -
shadowbrokers-exploits ⑂
Mirror of Shadowbrokers release from https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
★ 0 9y agoExplain → -
GraphStrike ⑂
Cobalt Strike HTTPS beaconing over Microsoft Graph API
★ 0 2y agoExplain → -
C2-Tool-Collection ⑂
A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.
★ 0 2y agoExplain → -
Extension-Kit ⑂
AdaptixFramework Extension Kit
★ 0 1y agoExplain → -
Deep-Live-Cam ⑂
real time face swap and one-click video deepfake with only a single image
★ 0 1y agoExplain → -
RoqueVPN ⑂
Our Tips&Tricks
C ★ 0 1y agoExplain → -
PhantomPipe ⑂
A proof‑of‑concept C2 framework that uses Server‑Sent Events (SSE) and the MCP protocol for agent registration, command dispatch, and result collection. By tunneling through ngrok, you can quickly expose your C2 server to the public internet for rapid testing and demonstration.
★ 0 1y agoExplain → -
Manticore ⑂
A cross platform library to write offensive and defensive security tools in Go
★ 0 1y agoExplain → -
paradox ⑂
macos stealer poc
★ 0 1y agoExplain → -
Tempest ⑂
A command and control framework written in rust.
★ 0 1y agoExplain → -
Xenon ⑂
A Mythic agent for Windows written in C
★ 0 1y agoExplain → -
C2AllTheThings ⑂
All the things that can be used as a C2.
★ 0 1y agoExplain → -
forge ⑂
Command Augmentation support for BOFs and .NET assemblies across agents
★ 0 1y agoExplain → -
Rust-for-Malware-Development ⑂
This repository contains my complete resources and coding practices for malware development using Rust 🦀.
★ 0 1y agoExplain → -
elastic-container ⑂
Stand up a simple Elastic container with Kibana, Fleet, and the Detection Engine
★ 0 3y agoExplain → -
pe-union ⑂
Crypter, binder & downloader with native & .NET stub, evasive by design, user friendly UI
★ 0 4y agoExplain → -
targetedKerberoast ⑂
Kerberoast with ACL abuse capabilities
★ 0 1y agoExplain → -
Random ⑂
Assorted scripts and one off things
★ 0 1y agoExplain → -
BitM ⑂
Beagle in the Middle
★ 0 7y agoExplain → -
ssh-key-backdoor ⑂
No description.
★ 0 3y agoExplain → -
EnableAllTokenPrivs ⑂
Enable or Disable TokenPrivilege(s)
★ 0 2y agoExplain → -
recaptcha-phish ⑂
Phishing with a fake reCAPTCHA
★ 0 1y agoExplain → -
D3m0n1z3dShell ⑂
Demonized Shell is an Advanced Tool for persistence in linux.
★ 0 2y agoExplain → -
windows-vs-linux-loader-architecture ⑂
Side-by-side comparison of the Windows and Linux (GNU) Loaders
★ 0 2y agoExplain → -
DeimosC2 ⑂
DeimosC2 is a Golang command and control framework for post-exploitation.
★ 0 3y agoExplain → -
rcat ⑂
rcat
★ 0 4y agoExplain → -
xc ⑂
A small reverse shell for Linux & Windows
★ 0 4y agoExplain → -
DataBouncing ⑂
No description.
★ 0 2y agoExplain → -
ShellSync ⑂
No description.
★ 0 2y agoExplain → -
merlin-agent ⑂
Post-exploitation agent for Merlin
★ 0 2y agoExplain → -
HellHall ⑂
Performing Indirect Clean Syscalls
★ 0 3y agoExplain → -
OffensiveGo ⑂
Golang weaponization for red teamers.
★ 0 2y agoExplain → -
OffensiveCSharp ⑂
Collection of Offensive C# Tooling
★ 0 3y agoExplain → -
Covenant ⑂
Covenant is a collaborative .NET C2 framework for red teamers.
★ 0 3y agoExplain → -
NimPlant ⑂
A light-weight first-stage C2 implant written in Nim.
Nim ★ 0 2y agoExplain →
No repos match these filters.