#
Lists (32)
active directory
81 repositories
API testing
Enumeration and finding swagger26 repositories
APK mobile
14 repositories
Audio with AI
1 repository
Azure
9 repositories
Bug bounty
6 repositories
Cloud
4 repositories
Compile
2 repositories
CVE -Exploits
4 repositories
Darkweb/ Tor
2 repositories
Email spraying bruteforce
8 repositories
GPT / AI
102 repositories
iMessage
2 repositories
LEA-Phish
20 repositories
Local file transfers
3 repositories
M365 cloud
31 repositories
Malware analysis
30 repositories
Obfuscation tools
3 repositories
OSINT
35 repositories
Other
141 repositories
Password manager access
1 repository
pentest
pentest stuff274 repositories
Pentest report writing
4 repositories
Phishing
6 repositories
printers
1 repository
Red team
205 repositories
Remote access
16 repositories
Roadmaps
2 repositories
Subdomains recon
5 repositories
web app testing
66 repositories
Wifi attacks
6 repositories
XSS
6 repositories
Starred repositories
Command and Control Framework using powershell implants
TeamFiltration is a cross-platform framework for enumerating, spraying, exfiltrating, and backdooring O365 AAD accounts
A new AiTM attack framework — based on leveraging service workers — designed to conduct credential phishing campaigns. Thanks to its minimalist, robust, and highly adaptable architecture, this solu…
Gain another host's network access permissions by establishing a stateful connection with a spoofed source IP
An even funnier way to disable windows defender. (through WSC api)
An automated document analyzer for Paperless-ngx using OpenAI API, Ollama, Deepseek-r1, Azure and all OpenAI API compatible Services to automatically analyze and tag your documents.
SOCKS5 proxy tool that uses Azure Blob Storage as a means of communication.
This Module Helps to Scan a Commit History of a Repo for Leakage of Secrets
attacksurge / ax
Forked from pry0cc/axiomThe Distributed Scanning Framework for Everybody! Control Your Infrastructure, Scale Your Scanning—On Your Terms. Easily distribute arbitrary binaries and scripts using any of our nine supported cl…
SourcePoint is a C2 profile generator for Cobalt Strike command and control servers designed to ensure evasion.
Map visualization and firewall for AWS activity, inspired by Little Snitch for macOS.
This script was developped to assist in SpearPhishing campaign during Red Team operations. It can be used to generate random name based on country of origin, sex and how common the combination of s…
Living off the land searches for explorer and sharepoint
Weaponizing DCOM for NTLM Authentication Coercions
Python implementation of two famous JavaScript payloads for Bug Bounty.
For educational purposes only, exhaustive samples of 450+ classic/modern trojan builders including screenshots.
MemProcFS-Analyzer - Automated Forensic Analysis of Windows Memory Dumps for DFIR
Tool for finding URLs, paths, secrets and generating raw HTTP requests and OpenApi specifications from config files and annotations used in JAR / WAR / APK applications.
PairDrop: Transfer Files Cross-Platform. No Setup, No Signup.
Bruteforcing from various scanner output - Automatically attempts default creds on found services.
Access your entire server infrastructure from your local desktop
A utility for parsing Common and Combined Log Format (CLF) log files and storing them in SQLite for further analysis. Built with concurrency in mind.
Evilginx Phishing Infrastructure Setup Guide - Securing Evilginx and Gophish Infrastructure, Removing IOCs, Phishing TTPs
A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx.
Creating a repository with all public Beacon Object Files (BoFs)
FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!