th3s3cr3tag3nt Goto Github PK

aad-sso-enum-brute-spray

POC of SecureWorks' recent Azure Active Directory password brute-forcing vuln

betterdefaultpasslist

cobaltstrike

CobaltStrike's source code

cr3dov3r

Know the dangers of credential reuse attacks.

credsniper

CredSniper is a phishing framework written with the Python micro-framework Flask and Jinja2 templating which supports capturing 2FA tokens.

decoding

Key and Lock Decoding Tools

empire

Empire is a PowerShell and Python post-exploitation agent.

eyewitness

EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.

files-for-analysis

Juts a dumping ground for interesting files.

generate-macro

This Powershell script will generate a malicious Microsoft Office document with a specified payload and persistence method.

johntheripper

This is the official repo for John the Ripper, "Jumbo" version. The "bleeding-jumbo" branch is based on 1.9.0-Jumbo-1 which was released on May 14, 2019. An import of the "core" version of john this jumbo was based on (or newer) is found in the "master" branch (CVS: https://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/john/john/src/).

keyjack

Device discovery tools and encrypted keystroke injection advisories for Logitech, Dell, Lenovo and AmazonBasics

mousewiggler

Teensy BadUSB Arduino HID Mouse Wiggler (Leonardo Lily GO)

munge

Dirty python script to munge dictionary words into password.

peasant

LinkedIn reconnaissance tool

phishfinder

A tool designed to traverse phishing URL paths to search for phishing kit source code.

psattack

A portable console aimed at making pentesting with PowerShell a little easier.

red-teaming-toolkit

A collection of open source and commercial tools that aid in red team operations.

red7eam

responder

Responder is a LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication.

reverse-shell-poc

Custom C++ Reverse Shell POC | No AV Bypass Techniques or Tweaks Done | AVT Detection ratio: 2/61

scriptdotsh-malwaredevelopment

This repo will contain code snippets for blogs: Malware on Steroids written by me at https://scriptdotsh.com/index.php/category/malware-development/

seclists

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, sensitive data patterns, fuzzing payloads, web shells, and many more.

sweeper

Automate NMAP scan for local subnet

teensyduckyscripts

ultimate-facebook-scraper

🤖 A bot which scrapes almost everything about a Facebook user's profile including all public posts/statuses available on the user's timeline, uploaded photos, tagged photos, videos, friends list and their profile photos (including Followers, Following, Work Friends, College Friends etc).

wargames

Firewall WarGames

webmap

WebMap - https://github.com/Rev3rseSecurity

webshell

Webshell && Backdoor Collection

webshellsample