Hacking

:arrow_up: :skull_and_crossbones: :fire: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock - GitHub - liamg/traitor: Automatic Linux pr...

Platform for emulation and dynamic analysis of Linux-based firmware - GitHub - firmadyne/firmadyne: Platform for emulation and dynamic analysis of Linux-based firmware

Web on top of any protocol. Contribute to nishitm/wotop development by creating an account on GitHub.

A list of useful payloads and bypass for Web Application Security and Pentest/CTF - GitHub - swisskyrepo/PayloadsAllTheThings: A list of useful payloads and bypass for Web Application Security and ...

Just another "Won't Fix" Windows Privilege Escalation from User to Domain Admin. - GitHub - antonioCoco/RemotePotato0: Just another "Won't Fix" W...

Series of System Administration Tools. Contribute to M2Team/NSudo development by creating an account on GitHub.

A tool to dump the login password from the current linux user - GitHub - huntergregal/mimipenguin: A tool to dump the login password from the current linux user

LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64) - GitHub - m0nad/Diamorphine: LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64)

My notes about all things red teaming experiments and more. (Very well done notes, great stuff on red teaming)

Fileless ring 3 rootkit with installer and persistence that hides processes, files, network connections, etc. - GitHub - bytecode77/r77-rootkit: Fileless ring 3 rootkit with installer and persisten...

This repository contains cutting-edge open-source security tools (OST) for a red teamer and threat hunter. - GitHub - infosecn1nja/Red-Teaming-Toolkit: This repository contains cutting-edge open-so...

Cobalt Strike Community Kit

Has command for reverting signatures. Useful to downgrade or remove signatures to allow Defender to run but be unable to detect anything.

Use this topic to help manage Windows and Windows Server technologies with Windows PowerShell.

Windows LNK File Parser and Creator

Trying to tame the three-headed dog. Contribute to GhostPack/Rubeus development by creating an account on GitHub.

A little tool to play with Windows security. Contribute to gentilkiwi/mimikatz development by creating an account on GitHub.

Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. - GitHub - kris-nova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE,...

A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process. - GitHub - arget13/DDexec: A technique to run binaries filelessly and stealthily o...

Hundreds of Offensive and Useful Docker Images for Network Intrusion. The name says it all. - GitHub - cybersecsi/HOUDINI: Hundreds of Offensive and Useful Docker Images for Network Intrusion. The ...

In which we run a normal ELF binary on Linux without touching the filesystem(except /proc).

Providing security research and red team techniques

Windows and Active Directory

Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors. A good example of this is the shell_exec

Search across a half million git repos. Search by regular expression. (Great for exploring code for exploitation)

Modern web applications typically rely on chains of multiple servers, which forward HTTP requests to one another. The attack surface created by this forwarding is increasingly receiving more attention, including the recent popularisation of cache poisoning...