🎓 Path to a free self-taught education in Computer Science!

An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !

GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems

A list of public penetration test reports published by several consulting firms and academic security groups.

Gather and update all available and newest CVEs with their PoC.

Automate the creation of a lab environment complete with security tooling and logging best practices

ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.

CVE-2021-40444 PoC

Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

*DEPRECATED* mana toolkit for wifi rogue AP attacks and MitM

Utilities for MITRE™ ATT&CK

CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit

A library of pretexts to use on offensive phishing engagements.

Repository dedicated to storing a multitude of iOS/macOS/OSX/watchOS crash bugs. Some samples need to be viewed as raw in order to see the Unicode. Please do not intentionally abuse these exploits.

Python C2 with JScript Implant

CPSA exam prep resources