Tuf – A Framework For Securing Software Update Systems
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform...
This repository is the reference implementation of The Update Framework (TUF). It is written in Python and intended to conform...
Deepfence SecretScanner can find any potential secrets in container images or file systems. What are Secrets?Secrets are any kind of...
SharpDPAPI is a C# port of some DPAPI functionality from @gentilkiwi's Mimikatz project.I did not come up with this logic,...
Seatbelt is a C# project that performs a number of security oriented host-survey "safety checks" relevant from both offensive and...
Rubeus is a C# toolset for raw Kerberos interaction and abuses. It is heavily adapted from Benjamin Delpy's Kekeo project...
InveighZero is a C# LLMNR/NBNS/mDNS/DNS/DHCPv6 spoofer and man-in-the-middle tool designed to assist penetration testers/red teamers that find themselves limited to...
ClearURLs is an add-on based on the new WebExtensions technology and is optimized for Firefox and Chrome based browsers. This...
Use Android as Rubber Ducky against another Android device HID attack using AndroidUsing Android as Rubber Ducky against Android. This...
Find security vulnerabilities, compliance issues, and infrastructure misconfigurations early in the development cycle of your infrastructure-as-code with KICS by Checkmarx....
Boomerang is a tool to expose multiple internal servers to web/cloud using HTTP+TCP Tunneling. The Server will expose 2 ports...
A simple PoC which leverages the Outlook Application Interface (COM Interface) to execute shellcode on a system based on a...
Obfuscate (hide) the PE imports from static/dynamic analysis tools. TheoryThis's pretty forward, let's say I've used VirtualProtect and I want...
The Fastest Hash Cracking System pip3 install search-that-hash && sth Tired of going to every website to crack your hash?...
Automatically detect control-flow flattening and other state machines Author: Tim BlazytkoDescription:Scripts and binaries to automatically detect control-flow flattening and other state...
A collection of python apps and shell scripts to email an xlsx spreadsheet of new vulnerabilities in the NIST CVE...
This is a collection of tools you may like if you are interested on reverse engineering and/or malware analysis on...
Find exposed AWS cloud assets that you did not know you had. A comprehensive asset inventory is step one to...
OSINT tool to get information from a github profile and find GitHub user's email addresses leaked on commits.How does this...
I created an Offensive Security Exam Report Template in Markdown so LaTeX, Microsoft Office Word, LibreOffice Writer are no longer...
Kraker is a distributed password brute-force system that allows you to run and manage the hashcat on different servers and...
A library to enhance and speed up script/exploit writing for CTF players (or security researchers, bug bounty hunters, pentesters but...
A golang tool that uses the dehashed.com API to search for compromised assets. Results can then be compiled into a...
PoC Exploit for Microsoft Exchange Launche Original PoC: https://github.com/testanullHow to use:python proxylogon.py <name or IP of server> <user@fqdn> Example:python proxylogon.py...
Fast browser-based network discovery module Descriptionnetmap.js provides browser-based host discovery and port scanning capabilities to allow you to map website...