Curated list of Unix binaries that can be used to bypass local security restrictions. Shows how to abuse sudo, SUID, capabilities, and file …
Search for Unix binaries that can be exploited to bypass system security restrictions.
GTFOBins is a curated list of Unix-like executables that can be used to bypass local security restrictions in misconfigured systems.
Automatic privilege escalation for misconfigured capabilities, sudo and suid binaries using GTFOBins.
Run hashcathelper -h for help. The program is structured in subcommands. See hashcathelper -h for more information.
Modular penetration testing platform that enables you to write, test, and execute exploit code.
Modern C2 framework designed for red teams. Features a sleek GUI, Demon agent with evasion techniques, team server for collaboration, and ex…
A command and control framework.
The most comprehensive Hack The Box writeup collection - 500+ machines, 400+ challenges, interactive knowledge graph, skill trees, attack pa…
A Flask-based HTTP(S) command and control (C2) framework with a web interface. Custom Windows EXE/DLL implants written in C++. For education…
Suricata rules for network anomaly detection
Windows Administrator level Implant.
Collection of Python classes for working with network protocols. Includes tools for SMB, MSRPC, LDAP, Kerberos, and more. Used for Pass-the-…
Dumps secrets remotely using a variety of techniques including DCSync (without running code on DC), VSS, and SAM dump. Part of the Impacket …
An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.
Active Directory Auditing and Enumeration
Inject RDPThief into memory with PowerShell.
Interactive Shell and Command Execution over Named-Pipes (SMB) for Fileless lateral movement
K8工具合集(内网渗透/提权工具/远程溢出/漏洞利用/扫描工具/密码破解/免杀工具/Exploit/APT/0day/Shellcode/Payload/priviledge/BypassUAC/OverFlow/WebShell/PenTest) Web GetShell Ex…
Python Kaldi speech recognition with grammars that can be set active/inactive dynamically at decode-time
My proof-of-concept exploits for the Linux kernel
KIZAGAN is a RAT,c2 command&control tool.It allows you to build executables and control infected machines.
Scan 30+ AWS services. Find cost waste. Detect security gaps. Map your attack surface. One command.