Lists (9)
Sort Name ascending (A-Z)
Stars
Tools for Kerberos PKINIT and relaying to AD CS
Disconnected GPO Editor - A Group Policy Manager launcher to allow editing of domain GPOs from non-domain joined machines
Kernel mode WinDbg extension and PoCs for token privilege investigation.
Ask a TGS on behalf of another user without password
Octoscan is a static vulnerability scanner for GitHub action workflows.
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
A collection of awesome one-liner scripts especially for bug bounty tips.
Pre-Built Vulnerable Environments Based on Docker-Compose
PowerShell rebuilt in C# for Red Teaming purposes
An automated phishing tool with 30+ templates. This Tool is made for educational purpose only ! Author will not be responsible for any misuse of this toolkit !
An open-source project in Golang to asess different API Security tools and WAF for detection logic and bypasses
Web Application Firewall Testing Framework - Go version
Testing datasets and tools to compare WAF efficacy
🔥 Web-application firewalls (WAFs) from security standpoint.
Keyhacks is a repository which shows quick ways in which API keys leaked by a bug bounty program can be checked to see if they're valid.
A PowerShell script to perform PKINIT authentication with the Windows API from a non domain-joined machine.
I will update it soon for now. Abuse Github issue comment attachment to use GitHub as a stealthy C2
A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
OWASP PTK - application security browser extension.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a…
A curated list of GPT agents for cybersecurity
An ADCS Exploitation Automation Tool Weaponizing Certipy and Coercer
A curated list of free courses & certifications.
Fast and configurable TLS grabber focused on TLS based data collection.
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell.
getsystem via parent process using ps1 & embeded c#