scan4all

Vulnerabilities Scan: 15000+PoCs; 20 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty...

scarecrow

ScareCrow - Payload creation framework designed around EDR bypass.

scriptdotsh-malwaredevelopment

This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-development/

scripts

Scripts I use during pentest engagements.

scripts-1

scriptsandexploits

Some scripts and exploits

scshell

Fileless lateral movement tool that relies on ChangeServiceConfigA to run command

seatbelt

Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and defensive security perspectives.

sebackupprivilege

Use SE_BACKUP_NAME/SeBackupPrivilege to access objects you shouldn't have access to

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sectoolset

The security tool(project) Set from github。github安全项目工具集合

security-cheatsheets

A collection of cheatsheets for various infosec tools and topics.

security-research

Exploits written by the Rhino Security Labs team

seeker

Find GeoLocation with High Accuracy...

serioussam

HiveNightmare a.k.a. SeriousSam Local Privilege Escalation in Windows – CVE-2021-36934

serpico

SimplE RePort wrIting and COllaboration tool

seth

Perform a MitM attack and extract clear text credentials from RDP connections

setup-ad-security-lab

Scripts to create a Active Directory Lab with security misconfigurations and vulnerabilities.

sgn

Shikata ga nai (仕方がない) encoder ported into go with several improvements

shad0w

A post exploitation framework designed to operate covertly on heavily monitored enviroments

shadowcoerce

MS-FSRVP coercion abuse PoC

shadowspray

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.

shadowsteal

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation

sharp-suite

My musings with C#

sharp-wmiexec

sharpattack

A simple wrapper for C# tools

sharpblock

A method of bypassing EDR's active projection DLL's by preventing entry point exection

sharpbox

SharpBox is a C# tool for compressing, encrypting, and exfiltrating data to DropBox using the DropBox API.

sharpbypassuac

C# tool for UAC bypasses

sharpchisel

C# Wrapper around Chisel from https://github.com/jpillora/chisel