sup3rm4n73 Goto Github PK

active-directory-exploitation-cheat-sheet

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

autorpt

The easy way to create a working directory with standard report template files for common security scenarios: penetration testing, CTF, training, and certification exams. Automatically convert markdown into a polished final report.

bash

Collection of bash scripts I wrote to make my life easier or test myself that you may find useful.

crto

Certified Red Team Operator

css-keylogging

Chrome extension and Express server that exploits keylogging abilities of CSS.

cssg

Cobalt Strike Shellcode Generator

cyberstuff

This Script installs useful tools and stuff for pen-testing purpose.

cypherhound

Python3 terminal application that contains 260+ Neo4j cyphers for BloodHound data sets

deepscan

A simple shell script which utilizes nmap, nikto, dirb, enum4linux and other open source goodies to automate enumeration process.

defcon27_csharp_workshop

Writing custom backdoor payloads with C# - Defcon 27 Workshop

dnscan

exposelab

This is a fully automated Active directory Lab made with the purpose to reduce the hustle of creating it manually.

ghunt

🕵️‍♂️ Investigate Google Accounts with emails.

gittools

A repository with 3 tools for pwn'ing websites with .git repositories available

godgenesis

A Python3 based C2 server to make life of red teamer a bit easier. The payload is capable to bypass all the known antiviruses and endpoints.

grassmarlin

Provides situational awareness of Industrial Control Systems (ICS) and Supervisory Control and Data Acquisition (SCADA) networks in support of network security assessments. #nsacyber

havoc

The Havoc Framework

hostrecon

This function runs a number of checks on a system to help provide situational awareness to a penetration tester during the reconnaissance phase. It gathers information about the local system, users, and domain information. It does not use any 'net', 'ipconfig', 'whoami', 'netstat', or other system commands to help avoid detection.

hotwax

Script to provision a curated set of pentesting tools into a Kali (supported) box.

internal-pentest-playbook

Internal Network Penetration Test Playbook

invisibilitycloak

Proof-of-concept obfuscation toolkit for C# post-exploitation tools

linkedint

LinkedIn Recon Tool

lovely-potato

Automating juicy potato local privilege escalation exploit for penetration testers.

lxd-alpine-builder

Build Alpine Linux images for LXD

mailsniper

MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It can be used as a non-administrative user to search their own email, or by an administrator to search the mailboxes of every user in a domain.

malleable-c2-profiles

Malleable C2 is a domain specific language to redefine indicators in Beacon's communication. This repository is a collection of Malleable C2 profiles that you may use. These profiles work with Cobalt Strike 3.x.

mangle

Mangle is a tool that manipulates aspects of compiled executables (.exe or DLL) to avoid detection from EDRs

msrv

nmapautomator

A script that you can run in the background!

o365-bitb