Stars
Tools for Kerberos PKINIT and relaying to AD CS
The Browser Exploitation Framework Project
A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
US Government controls formatted for usability
Historical monolithic WireGuard repository, split into wireguard-tools, wireguard-linux, and wireguard-linux-compat.
Tool for advanced mining for content on Github
Selenium powered Python script to automate searching for vulnerable web apps.
Medfusion 4000 security research & a MQX RCE.
SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…
Professionally Evil Web Application Penetration Testing 101
AWS Least Privilege for Distributed, High-Velocity Deployment
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.
FiercePhish is a full-fledged phishing framework to manage all phishing engagements. It allows you to track separate phishing campaigns, schedule sending of emails, and much more.
Empire is a PowerShell and Python post-exploitation agent.
A community-driven Ruby coding style guide
Easy automated vulnerability scanning, reporting and analysis
An ArchLinux based distribution for penetration testers and security researchers.
The legacy Exploit Database repository - New repo located at https://gitlab.com/exploit-database/exploitdb
A Bash script that downloads and unzips scripts that will aid with privilege escalation on a Linux system.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.