WAPTLab - Web Application Penetration Testing Lab

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

Crowbar is brute forcing tool that can be used during penetration tests. It is developed to support protocols that are not currently supported by thc-hydra and other popular brute forcing tools.

windows-kernel-exploits Windows平台提权漏洞集合

A customizable and powerful penetration testing reporting platform for offensive security professionals. Simplify, customize, and automate your pentest reports with ease.

Burp Suite extension for API security testing with 15 attack types, 108+ payloads, intelligent fuzzing, BOLA/IDOR detection, AI integration, and automated reconnaissance. Supports REST/GraphQL/SOAP…

Don't expect much :) Just expect to learn new things!

A tool for generating multiple types of NTLMv2 hash theft files by Jacob Wilkin (Greenwolf)

SploitScan is a sophisticated cybersecurity utility designed to provide detailed information on vulnerabilities and associated exploits.

Fully decrypt App-Bound Encrypted (ABE) cookies, passwords & payment methods from Chromium-based browsers (Chrome, Brave, Edge) - all in user mode, no admin rights required.

📙 Markdown Templates for Offensive Security OSCP, OSWE, OSCE, OSEE, OSWP exam report

Collection of Statically linked binaries for Linux. Suited for Forensics

Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.

Complete Mandiant Offensive VM (Commando VM), a fully customizable Windows-based pentesting virtual machine distribution. commandovm@mandiant.com

Compiled Binaries for Ghostpack

A tool for parsing breached passwords

A complete, beginner-friendly bug bounty roadmap that takes you from zero experience to earning your first bounty.

HTTP parameter discovery suite.

Incredibly fast crawler designed for OSINT.

Exchange privilege escalations to Active Directory

This repo contains a series of challenges that get harder and harder to exploit

A Modern Bug Bounty and Security Research Management Platform

This repo contains scripts to query dehashed.com and crack the returned hashes which will then save all cleartext passwords and hashes to files.

The most complete code auditing platform with thousands of real-world challenges

game of active directory

Create a vulnerable active directory that's allowing you to test most of the active directory attacks in a local lab

🧙‍♂️ Node.js Command & Control for Script-Jacking Vulnerable Electron Applications