4-day longest streak
-
Burnt-Toast ★ PINNED
A GUI for testing and creating Evil toast notifications.
Python ★ 1 1mo agoExplain → -
Harness ★ PINNED
A fast, open-source HTTP proxy and web security testing Framework
JavaScript ★ 16 4d agoExplain → -
MailSniper ★ PINNED ⑂
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.
★ 0 11mo agoExplain → -
PowerMeta ★ PINNED ⑂
PowerMeta searches for publicly available files hosted on various websites for a particular domain
★ 0 1y agoExplain → -
PSAmsi ★ PINNED ⑂
PSAmsi is a tool for auditing and defeating AMSI signatures.
★ 0 8y agoExplain → -
Seatbelt ★ PINNED ⑂
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.
★ 0 1y agoExplain → -
PCredz ⑂
This tool extracts Credit card numbers, NTLM(DCE-RPC, HTTP, SQL, LDAP, etc), Kerberos (AS-REQ Pre-Auth etype 23), HTTP Basic, SNMP, POP, SMTP, FTP, IMAP, etc from a pcap file or from a live interface.
★ 0 4mo agoExplain → -
LOLA
Living of land artifacts - simple Linux enumeration script
★ 0 1mo agoExplain → -
HackLikeALegend ⑂
Scripts featured in the book How to Hack Like a Legend
★ 0 3y agoExplain → -
nsa-rules ⑂
Password cracking rules and masks for hashcat that I generated from cracked passwords.
★ 0 9y agoExplain → -
impacket ⑂
Impacket is a collection of Python classes for working with network protocols.
★ 0 6mo agoExplain → -
Responder ⑂
Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.
★ 0 7mo agoExplain → -
MSOLSpray ⑂
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
★ 0 2y agoExplain → -
OpenBullet2 ⑂
OpenBullet reinvented
★ 0 8mo agoExplain → -
SysWhispers3 ⑂
SysWhispers on Steroids - AV/EDR evasion via direct system calls.
★ 0 1y agoExplain → -
LightsOut ⑂
Generate an obfuscated DLL that will disable AMSI & ETW
★ 0 2y agoExplain → -
InternalAllTheThings ⑂
Active Directory and Internal Pentest Cheatsheets
★ 0 7mo agoExplain → -
PayloadsAllTheThings ⑂
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
★ 0 7mo agoExplain → -
web-security-Cheat-Sheet ⑂
🐶 A curated list of Web Security materials and resources.
★ 0 1y agoExplain →
No repos match these filters.