Stars
kaisaryousuf / orbitaldump
Forked from k4yt3x/orbitaldumpA simple multi-threaded distributed SSH brute-forcing tool written in Python
A wrapper around a pre-compiled version of the Mimikatz executable for the purpose of anti-virus evasion.
A tool for generating .NET serialized gadgets that can trigger .NET assembly load/execution when deserialized using BinaryFormatter from JS/VBS/VBA based scripts.
SigFlip is a tool for patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature.
Make asyncronus requests using libuv and libcurl
Social engineering tool [Access Webcam & Microphone & Location Finder] With {Py,JS,PHP}
PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions.
📡 PoC auto collect from GitHub.
eBook "Bypassing AVS by C#.NET Programming" (Free Chapters only)
kaisaryousuf / LOLBAS
Forked from LOLBAS-Project/LOLBASLiving Off The Land Binaries And Scripts - (LOLBins and LOLScripts)
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Ap…
Exploit for CVE-2020-3952 in vCenter 6.7
Process Hollowing (Malware Technique)
Exphub[漏洞利用脚本库] 包括Webloigc、Struts2、Tomcat、Nexus、Solr、Jboss、Drupal的漏洞利用脚本,最新添加CVE-2020-14882、CVE-2020-11444、CVE-2020-10204、CVE-2020-10199、CVE-2020-1938、CVE-2020-2551、CVE-2020-2555、CVE-2020-2883、CVE-…
A list of public penetration test reports published by several consulting firms and academic security groups.
Tool to bypass LSA Protection (aka Protected Process Light)
An open-source tool for controlling IPMI-enabled systems
RedSnarf is a pen-testing / red-teaming tool for Windows environments
lgandx / Responder
Forked from SpiderLabs/ResponderResponder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authenticat…
Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier.
Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK
A proof-of-concept Remote Desktop (RDP) session hijack utility
Advanced Android AV Evasion Tool Written In Python 3 that can Embed/Bind meterpreter APK to any Legitimate APK
A framework for pentesters that facilitates evil twin attacks as well as exploiting other wifi vulnerabilities
A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.