An advanced graphical search engine for Exploit-DB
How to exploit a double free vulnerability in 2021. Use After Free for Dummies
The most comprehensive Hack The Box writeup collection - 500+ machines, 400+ challenges, interactive knowledge graph, skill trees, attack pa…
A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For education…
A hyper plugin to provide a flexible GDB GUI frontend with the help of GEF, pwndbg or peda
Library for execution obfuscation, designed to protect memory regions during inactivity or sleep cycles. It leverages thread pool timers, wa…
IDOR Forge is an advanced and versatile tool designed to detect Insecure Direct Object Reference (IDOR) vulnerabilities in web applications.
Collection of Python classes for working with network protocols. Includes tools for SMB, MSRPC, LDAP, Kerberos, and more. Used for Pass-the-…
👻Impost3r -- A linux password thief
The Indicator of Canary is a collection of PoCs from research on identifying canaries in various file formats. It focuses on identifying kno…
This repository is created only for infosec professionals whom work day to day basis to equip ourself with uptodate skillset, We can daily c…
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
List of past and future infosec related events.
Notes from various sources for preparing to take the OSCP, Capture the Flag challenges, and Hack the Box machines.
InfraGuard is a Command & Control Redirection Proxy and Manager which protects your Red Team Infrastructure against threat attribution
A set of tutorials about code injection for Windows.
Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion
📸 an Instagram tracking script that logs any changes to an Instagram account (followers, following, posts, and bio) written in Python.
Active Directory and Internal Pentest Cheatsheets
Hourly updated database of exploit and exploitation reports
A flexible internet crawler used for scanning technologies, instances and vulnerabilities worldwide across the internet.
Asset inventory of over 800 public bug bounty programs.
A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good pe…
JANUSEC Application Gateway provides secure access, including reverse proxy, K8S Ingress Controller, Automatic ACME Certificate, WAF, 5-Seco…