Bloodhound Reporting for Blue and Purple Teams

A collection of various awesome lists for hackers, pentesters and security researchers

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

This repository has the JSON file required to perform user enumeration on various websites.

WiFi security auditing tools suite

Collection of penetration test reports and pentest report templates. Published by the the best security companies in the world.

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter.

Monitor linux processes without root permissions

A little tool to play with Windows security

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

OSINT tool - gets data from services like shodan, censys etc. in one app

PowerSploit - A PowerShell Post-Exploitation Framework

Process Herpaderping proof of concept, tool, and technical deep dive. Process Herpaderping bypasses security products by obscuring the intentions of a process.

Privilege Escalation Project - Windows / Linux / Mac

BadAssMacros - C# based automated Malicous Macro Generator.

This program is designed to demonstrate various process injection techniques

Active Directory Auditing and Enumeration

Repo for ADACLScan.ps1 - Your number one script for ACL's in Active Directory

AV/EDR evasion via direct system calls.

InQL is a robust, open-source Burp Suite extension for advanced GraphQL testing, offering intuitive vulnerability detection, customizable scans, and seamless Burp integration.

Custom Query list for the Bloodhound GUI based off my cheatsheet

JAWS - Just Another Windows (Enum) Script

Identifies the bytes that Microsoft Defender flags on.

Multi-Packer wrapper letting us daisy-chain various packers, obfuscators and other Red Team oriented weaponry. Featured with artifacts watermarking, IOCs collection & PE Backdooring. You feed it wi…

Reverse Tunneling made easy for pentesters, by pentesters https://sysdream.com/

Automatic SSTI detection tool with interactive interface

A collection of statically compiled tools like Nmap and Socat.

BBT - Bug Bounty Tools (examples💡)

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.