The Business Email Compromise Guide sets out to describe 10 steps for performing a Business Email Compromise (BEC) investigation in an Office 365 environment. Each step is intended to guide the pro…

Defeating Windows User Account Control

An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the raw data, and give data in multiple formats.

Snoop — инструмент разведки на основе открытых данных (OSINT world)

Email OSINT & Password breach hunting tool, locally or using premium services. Supports chasing down related email

Python PTY backdoors - full PTY or nothing!

Osintgram is a OSINT tool on Instagram. It offers an interactive shell to perform analysis on Instagram account of any users by its nickname

ripgrep recursively searches directories for a regex pattern while respecting your gitignore

A list of cyber-chef recipes and curated links

Arkime is an open source, large scale, full packet capturing, indexing, and database system.

Pupy is an opensource, cross-platform (Windows, Linux, OSX, Android) remote administration and post-exploitation tool mainly written in python

A http flood python script that could stop a normal website in 10s

OSINT Tool for All-In-One Web Reconnaissance

Find open databases with Shodan

😱 A curated list of amazingly awesome OSINT

Warning lists to inform users of MISP about potential false-positives or other information in indicators

Invoke-ZeroLogon allows attackers to impersonate any computer, including the domain controller itself, and execute remote procedure calls on their behalf.

Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.

Repository of yara rules

SecLists is the security tester's companion. It's a collection of multiple types of lists used during security assessments, collected in one place. List types include usernames, passwords, URLs, se…

Grab target's webcam shots by link

Find open databases - Powered by Binaryedge.io

A GitHub Action for running the ZAP Full scan

Node.js JavaScript runtime ✨🐢🚀✨

The Python programming language

🍺 The missing package manager for macOS (or Linux)

🙃 A delightful community-driven (with 2,400+ contributors) framework for managing your zsh configuration. Includes 300+ optional plugins (rails, git, macOS, hub, docker, homebrew, node, php, python…

Quickly debug shellcode extracted during malware analysis

A collection of malware samples and relevant dissection information, most probably referenced from http://blog.inquest.net

The main repository of the Open GApps Project