fin3ss3g0d/evilgophish: evilginx3 + gophish
evilginx3 + gophish. Contribute to fin3ss3g0d/evilgophish development by creating an account on GitHub.
security
gophish/gophish: Open-Source Phishing Toolkit
Open-Source Phishing Toolkit. Contribute to gophish/gophish development by creating an account on GitHub.
kgretzky/evilginx2: Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication
Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication - kgretzky/evilginx2
0xZDH/o365spray: Username enumeration and password spraying tool aimed at Microsoft O365.
Username enumeration and password spraying tool aimed at Microsoft O365. - 0xZDH/o365spray
knavesec/CredMaster: Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling
Refactored & improved CredKing password spraying tool, uses FireProx APIs to rotate IP addresses, stay anonymous, and beat throttling - knavesec/CredMaster
dafthack/MSOLSpray: A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, if the account is locked, or if the account is disabled.
A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn&am...
blacklanternsecurity/TREVORspray: TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more!
TREVORspray is a modular password sprayer with threading, clever proxying, loot modules, and more! - blacklanternsecurity/TREVORspray
nyxgeek/o365recon: retrieve information via O365 and AzureAD with a valid cred
retrieve information via O365 and AzureAD with a valid cred - nyxgeek/o365recon
microsoft#github#repositories#security#microsoft#azure#active#directory#o365#pen testing#reconnaissanceaquasecurity/kube-bench: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark - aquasecurity/kube-bench
cyberark/KubiScan: A tool to scan Kubernetes cluster for risky permissions
A tool to scan Kubernetes cluster for risky permissions - cyberark/KubiScan
quay/clair: Vulnerability Static Analysis for Containers
Vulnerability Static Analysis for Containers. Contribute to quay/clair development by creating an account on GitHub.
sqlmapproject/sqlmap: Automatic SQL injection and database takeover tool
Automatic SQL injection and database takeover tool - sqlmapproject/sqlmap
cowrie/cowrie: Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io
Cowrie SSH/Telnet Honeypot https://cowrie.readthedocs.io - cowrie/cowrie
Bearer/bearer: Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks.
Code security scanning tool (SAST) to discover, filter and prioritize security and privacy risks. - Bearer/bearer
rvrsh3ll/TokenTactics: Azure JWT Token Manipulation Toolset
Azure JWT Token Manipulation Toolset. Contribute to rvrsh3ll/TokenTactics development by creating an account on GitHub.
sense-of-security/ADRecon: ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment.
ADRecon is a tool which gathers information about the Active Directory and generates a report which can provide a holistic picture of the current state of the target AD environment. - sense-of-sec...
Cloud-Architekt/AzureAD-Attack-Defense: This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected.
This publication is a collection of various common attack scenarios on Microsoft Entra ID (formerly known as Azure Active Directory) and how they can be mitigated or detected. - Cloud-Architekt/Azu...
Greenwolf/Spray: A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf)
A Password Spraying tool for Active Directory Credentials by Jacob Wilkin(Greenwolf) - Greenwolf/Spray
Password Spraying tool
itm4n/PrivescCheck: Privilege Escalation Enumeration Script for Windows
Privilege Escalation Enumeration Script for Windows - itm4n/PrivescCheck
microsoft#github#repositories#security#windows#LPE#vulnerabilities#pen testing#privilege#escalation#microsoftS3cur3Th1sSh1t/Amsi-Bypass-Powershell: This repo contains some Amsi Bypass methods i found on different Blog Posts.
This repo contains some Amsi Bypass methods i found on different Blog Posts. - S3cur3Th1sSh1t/Amsi-Bypass-Powershell
jakejarvis/awesome-shodan-queries: 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻
🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩💻 - jakejarvis/awesome-shodan-queries
aquasecurity/trivy: Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more - aquasecurity/trivy
MobSF/Mobile-Security-Framework-MobSF: Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static a...