#Offensivesecurity
Showing 15 of 15 repositories tagged #offensivesecurity, ranked by stars
A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository are the result of personal research, including reading materials online and conducting trial-and-error attempts in labs and pentests.
Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.
Discover new target domains using Content Security Policy
A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck syntax, and can automatically generate Bambdas scripts. Additionally, it offers "Copy as JavaScript" to convert HTTP requests for enhanced XSS testing.
Advanced Client-Side Prototype Pollution Scanner
one-stop resource for all things offensive security.
γπγProof of concept on BYOVD attack
SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible to SQL injection formats and then performs injection attacks. These attacks include pattern matching, error analysis, and timing attacks.
fsociety is a penetration toolkit inspired from MR. ROBOT
Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.
Red Team Arsenal - a comprehensive collection of tools, scripts, and techniques for conducting red team operations and adversary simulations, including custom beacons, malleable C2 profiles, aggressor scripts, advanced payload generation methods, as well as other evasion tools, tailored for red team operations and security research.
A lightweight Command and Control (C2) framework built for offensive security research and red teaming (Post Exploitation).
γβ οΈγPerforming a BYOVD on the truesight.sys driver
Our repo for crushing through RTO course & labs.
A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard