Damn Vulnerable Bank is designed to be an intentionally vulnerable android application. This provides an interface to assess your android application security hacking skills.

DetectionLabELK is a fork from DetectionLab with ELK stack instead of Splunk.

Threat Pursuit Virtual Machine (VM): A fully customizable, open-sourced Windows-based distribution focused on threat intelligence analysis and hunting designed for intel and malware analysts as wel…

Awesome note-taking apps for hackers & pentesters !

Configuration Hardening Assessment PowerShell Script (CHAPS)

IOC from articles, tweets for archives

🕵️‍♂️ Offensive Google framework.

PROJECT DELTA: SDN SECURITY EVALUATION FRAMEWORK

SecretFinder - A python script for find sensitive data (apikeys, accesstoken,jwt,..) and search anything on javascript files

Curated list of public penetration test reports released by several consulting firms and academic security groups

A tool to perform Kerberos pre-auth bruteforcing

A post exploitation framework designed to operate covertly on heavily monitored environments

Incident Response Methodologies

A from-scratch rewrite of The Backdoor Factory - a MitM tool for inserting shellcode into all types of binaries on the wire.

Exploitation paths allowing you to (mis)use the Windows Privileges to elevate your rights within the OS.

A fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests

Utility to enumerate users, groups and computers from a Windows domain through LDAP queries

Quick SQLMap Tamper Suggester

📡 PoC auto collect from GitHub. ⚠️ Be careful Malware.

Web Based Command Control Framework (C2) #C2 #PostExploitation #CommandControl #RedTeam #C2Framework #PHPC2 #.NETMalware #Malware #PHPMalware #CnC #infosec #offensivesecurity #Trojan

Micro$oft Windows Hacking Pack

WinGet is the Windows Package Manager. This project includes a CLI (Command Line Interface), PowerShell modules, and a COM (Component Object Model) API (Application Programming Interface).

Proof of Concept exploit scripts and fuzzing templates. Companion blog posts located at https://epi052.gitlab.io/notes-to-self/blog/2020-05-13-osce-exam-practice-part-one/

PoC for CVE-2009-0229 "Print Spooler Read File Vulnerability" LPE AFR (related to CVE-2020-1048)

This is a PowerShell Empire launcher PoC using PrintDemon and Faxhell.

A proxy aware C2 framework used to aid red teamers with post-exploitation and lateral movement.

RSA attack tool (mainly for ctf) - retrieve private key from weak public key and/or uncipher data

CTF framework and exploit development library

A tool which scrapes public github repositories for common naming conventions in variables, folders and files

Crack any Microsoft Windows users password without any privilege (Guest account included)