Spider entire networks for juicy files sitting on SMB shares. Search filenames or file content - regex supported!

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

A cheat sheet that contains common enumeration and attack methods for Windows Active Directory.

Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!

Automated All-in-One OS Command Injection Exploitation Tool.

This repository contains a curated list of websites and repositories featuring pentest & red-team resources such as cheatsheets, write-ups, tools, techniques, programming/scripting notes, and more.…

Rust Weaponization for Red Team Engagements.

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh

PowerRunAsSystem is a PowerShell script, also available as an installable module through the PowerShell Gallery, designed to impersonate the NT AUTHORITY/SYSTEM user and execute commands or launch …

Find, verify, and analyze leaked credentials

A python3 remake of the classic "tree" command with the additional feature of searching for user provided keywords/regex in files, highlighting those that contain matches.

This repository is a collection of notes, links, tutorials, and experiences aimed at helping others. If you find it useful, please consider giving it a star ⭐ to keep me motivated.

XLL Phishing Tradecraft

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)

Credentials recovery project

An attempt to answer the age old interview question "What happens when you type google.com into your browser and press enter?"

A Windows reverse shell payload generator and handler that abuses the http(s) protocol to establish a beacon-like reverse shell.

Awesome Pentest Tools Collection

🎓 Path to a free self-taught education in Computer Science!

parse nmap files

A cheat sheet that contains advanced queries for SQL Injection of all types.

An Information Security Reference That Doesn't Suck; https://rmusser.net/git/admin-2/Infosec_Reference for non-MS Git hosted version.

⬆️ ☠️ 🔥 Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock

Various *nix tools built as statically-linked binaries

OLED display support on Linux

🎬 Attach progress bar to animated GIF

A collection of modern/faster/saner alternatives to common unix commands.

A lightweight client for managing MariaDB, MySQL, SQL Server, PostgreSQL, SQLite, Interbase and Firebird, written in Delphi