majenkins31 Goto Github PK

analyzemft

attack_range

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk

awesome-burp-extensions

A curated list of amazingly awesome Burp Extensions

awesome-burp-suite

Awesome Burp Suite Resources. 400+ open source Burp plugins, 400+ posts and videos.

awesome-cloud-pentest

awesome-command-control

A collection of awesome Command & Control (C2) frameworks, tools and resources for post-exploitation and red teaming assessments.

awesome-incident-response

A curated list of tools for incident response

awesome-osint

:scream: A curated list of amazingly awesome OSINT

awesome-sec-s3

A collection of awesome AWS S3 tools that collects and enumerates exposed S3 buckets

awesome-threat-intelligence

A curated list of Awesome Threat Intelligence resources

awesome_threat-hunting

A curated list of the most important and useful resources about Threat Detection,Hunting and Intelligence.

backstab

A tool to kill antimalware protected processes

bitsparser

burpgpt

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type.

chainsaw

Rapidly Search and Hunt through Windows Forensic Artefacts

cloudpentestcheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

cloudsploit

Cloud Security Posture Management (CSPM)

command-injection-payload-list

🎯 Command Injection Payload List

community-threats

A place to share attack chains for testing people, process, and technology with the entire community. The largest, public library of adversary emulation and adversary simulation plans! #ThreatThursday

crowdstrike-falcon-queries

A collection of Splunk's Search Processing Language (SPL) for Threat Hunting with CrowdStrike Falcon

crowdstrike-rtr-scripts

crowdstrike_rtr_powershell_scripts

cyberchef-recipes

deepbluecli

domainpasswordspray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAREFUL NOT TO LOCKOUT ACCOUNTS!

emba

EMBA - The firmware security analyzer

evilginx2

Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

gc2-sheet

GC2 is a Command and Control application that allows an attacker to execute commands on the target machine using Google Sheet and exfiltrate data using Google Drive.

gotestwaf

An open-source project in Golang to test different web application firewalls (WAF) for detection logic and bypasses

graphrunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API