daveyshmave Goto Github PK

semiautorecon

sharkjack-payloads

The Official Hak5 Shark Jack Payload Repository

sharpshooter

Payload Generation Framework

shodan-filters

A list of shodan filters

signalowl-payloads

The Official Hak5 Signal Owl Payload Repository

silenttrinity

An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR

skipfish

Web application security scanner created by lcamtuf for google - Unofficial Mirror

slackextract

A PowerShell script to download all files, messages and user profiles that a user has access to in slack.

sleuthkit

The Sleuth Kit® (TSK) is a library and collection of command line digital forensics tools that allow you to investigate volume and file system data. The library can be incorporated into larger digital forensics tools and the command line tools can be directly used to find evidence.

sonarqube

Continuous Inspection

spiderfoot

SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

sshuttle

Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.

sslyze

Fast and powerful SSL/TLS scanning library.

starboard

Kubernetes-native security toolkit

starkiller

Starkiller is a Frontend for PowerShell Empire.

static-analysis

⚙️ A curated list of static analysis (SAST) tools for all programming languages, config files, build tools, and more.

talisman

By hooking into the pre-push hook provided by Git, Talisman validates the outgoing changeset for things that look suspicious - such as authorization tokens and private keys.

tcm-security-sample-pentest-report

Sample pentest report provided by TCM Security

tfsec

Security scanner for your Terraform code

threathunter-playbook

A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.

trivy

Scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues

udemy-dl

A cross-platform python based utility to download courses from udemy for personal offline use.

unicorn

Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's powershell attacks and the powershell bypass technique presented by David Kennedy (TrustedSec) and Josh Kelly at Defcon 18.

usb-rubber-ducky

usbrubberducky-payloads

The Official USB Rubber Ducky Payload Repository

vectr

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios

veil

Veil 3.1.X (Check version info in Veil at runtime)

volatility

An advanced memory forensics framework

volatility3

Volatility 3.0 development

vscode-graphql

VSCode GraphQL extension (autocompletion, go-to definition, syntax highlighting)