Lists (31)
AD Tools 🏛️
Android Security 📱
AWS Security ☁️
Tools for improve AWS environments securityC2 🟥
Cloudflare WAF ☁️
Tools for audit and test Cloudflare WAFCode Analysis 👨🏻💻
Tools for analyzing codeCryptography-Encoding-Crackin🔐
Digital Forensic 🟦
Tools for performing digital forensicEmail Header Analyzer 📧
Tools for analyze emailsEvasion Tools 🟥
Tools for automated obfuscationFlipper Zero 🐬
Honeypots 🟦
ICS/SCADA Security 🔒
Tools for ICS/SCADAIncident Response 🟦
Tools for performing Incident ResponseInformation Gathering 🟥
Tools for enumerating target and gain information about targetsIoT PT 🟥
Tools for performing Internet of Things Penetration TestingM365 / Azure Security ☁️
Malware Analysis 🟦
Tools for performing Malware Analysis and SandboxesNetwork PT 🟥
Tools for performing network pentesting and packet craftingOSINT 🕵🏻
Tools for perfoming Open Source IntelligencePhishing 📦
Tools for performing phishingReports 📝
Tools for automated reportsSoftware Security
Steganography 🪄
Tools for performing steganographyWAF 🟦
Web Application PT 🟥
Tools for performing Web Application PTWiFi PT 🟥
Tools for performing WiFi Penetation TestingWindows Events Log 🟦
Tools for analyzing and parsing Windows Events LogWindows PT 🟥
Wordlists 📝
Tools for creating personalized wordlists and for mangling themYara 🟦
Tools for Yara rulesStars
Monkey365 provides a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Microsoft Entra ID security configuration reviews.
A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet.
ShadowPhish is an advanced APT awareness toolkit designed to simulate real-world phishing, malware delivery, deepfakes, smishing/vishing, and command & control attacks through an intuitive graphica…
BlackCat is a PowerShell module designed to validate the security of Microsoft Azure. It provides a set of functions to identify potential security holes.
Manages, configures, extracts and monitors Microsoft 365 tenant configurations
A PowerShell module for acquisition of data from Microsoft 365 and Azure for Incident Response and Cyber Security purposes.
Powershell Based tool for gathering information related to O365 intrusions and potential Breaches
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous …
Free and libre source BadUSB payloads for Flipper Zero. [Windows, GNU/Linux, iOS]
A curated list of essential digital forensics tools used for investigation, data recovery, and security analysis. These tools help in disk forensics, memory analysis, network monitoring, malware an…
RansomWhen is a tool to enumerate identities that can lock S3 Buckets using KMS, resulting in ransomwares, as well as detect occurances of S3 Ransomwares using KMS
Simple hunting script for suspicious M365 OAuth Apps
Enumerate the permissions associated with AWS credential set
A tool leveraging Kerberos tickets to get Microsoft 365 access tokens using Seamless SSO
Oops365: A modular tool for testing Microsoft 365 security, including domain checks, email generation, validation, password spraying, and MFA enumeration.
A fork of the great TokenTactics with support for CAE and token endpoint v2
Scrape, Hunt, and Transform names and usernames
Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.
Azure Red Team tool for graphing Azure and Azure Active Directory objects
Identify Azure blobs using a wordlist of account name and container name strings
PortForce - A custom port Brute Forcing Tool for CTF's & Pentests
Modular Enumeration and Password Spraying Framework
EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.
Please no pull requests for this repository. Thanks!