A script for credentials-based attack surface enumeration and general reconnaissance of massive networks

Enhanced Script for scraping the Venmo public feed via API v1 & v5

A list of useful payloads and bypass for Web Application Security and Pentest/CTF

Multipass orchestrates virtual Ubuntu instances

OSINT python webscaping framework

GNS3 Graphical Network Simulator

Steganography brute-force utility to uncover hidden data inside files

Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.

MASSCAN Web UI

TCP port scanner, spews SYN packets asynchronously, scanning entire Internet in under 5 minutes.

The SIMON and SPECK families of lightweight block ciphers. #nsacyber

Retrieves the definitions of Windows Event Log messages embedded in Windows binaries and provides them in discoverable formats. #nsacyber

Logs key Windows process performance metrics. #nsacyber

Trusted Computing based services supporting TPM provisioning and supply chain validation concepts. #nsacyber

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as g…

NSA Cybersecurity. Formerly known as NSA Information Assurance and the Information Assurance Directorate

Realisation of wigner-ville distribution through haskell accelerate library, using CPU or GPU.

Simple (outdated) scripts to mount the cgroupfs (v1) hierarchy, especially structured for Debian packaging

hydra

A tool to interact with the Modbus protocols

ISF(Industrial Control System Exploitation Framework)，a exploitation framework based on Python

GUI based offensive penetration testing tool (Open Source)

A simple HTTP(S) and DNS Canary bot with Slack/Discord/MS Teams/Lark/Telegram & Pushover support

🆕 The Multi-Tool Web Vulnerability Scanner.

Docker image for Osmedeus, a fully automated offensive security tool for reconnaissance and vulnerability scanning

Red Teaming Tactics and Techniques

A search tool that searches Offensive Securitys Exploit-db and Shodans Exploit DB using their API.

Various course materials, scripts, and configurations from my Offensive Security Engineering Course and Book "Red Team Engineering"

This is my cheatsheet and scripts developed while taking the Offensive Security Penetration Testing with Kali Linux course.