PowerShell for every system!

DropboxC2C is a post-exploitation agent which uses Dropbox Infrastructure for command and control operations.

Exploit toolkit CVE-2017-0199 - v3.0 is a handy python script which provides a quick and effective way to exploit Microsoft RTF RCE. It could generate a malicious (Obfuscated) RTF file and deliver …

Wordlists sorted by probability originally created for password generation and testing

Mirror of Shadowbrokers release from https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

Decrypted content of eqgrp-auction-file.tar.xz

A swiss army knife for pentesting Windows/Active Directory environments

Password cracking rules and masks for hashcat that I generated from cracked passwords.

Nishang - PowerShell for penetration testing and offensive security.

This project contains a PoC and exploit generator for a code execution bug in Ubuntu's Apport crash reporter

Various tools

Exploits locked/password protected computers over USB, drops persistent WebSocket-based backdoor, exposes internal router, and siphons cookies using Raspberry Pi Zero & Node.js.

An open source interactive disassembler

WePWNise generates architecture independent VBA code to be used in Office documents or templates and automates bypassing application control and exploit mitigation software.

A tool for Red Teaming Windows environments

This is a port/remix of the Tastic RFID Thief to the Adafruit Feather HUZZAH, an ESP12E chip from the ESP8266 family. It adds WiFi capability and on board logging making the build nearly plug and p…

A proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization.

JexBoss: Jboss verify and EXploitation Tool

A webshell framework for penetration testers.

pwnat punches holes in firewalls and NATs allowing any numbers of clients behind NATs to directly connect to a server behind a different NAT using a newly developed technique with no 3rd party, por…

Currently: Exploit scripts for HID EVO door controllers--- Future: Exploit framework for Physical Access Control/Monitoring Systems

osint_tools_security_auditing

USBdriveby exploits the trust of USB devices by emulating an HID keyboard and mouse, installing a firewall-evading backdoor, and rerouting DNS within seconds of plugging it in

A little toolbox to play with Microsoft Kerberos in C

A PowerShell based utility for the creation of malicious Office macro documents.

A collection of awesome penetration testing resources, tools and other shiny things

vcsmap is a plugin-based tool to scan public version control systems for sensitive information.

A portable console aimed at making pentesting with PowerShell a little easier.

Collection of generic social engineering payloads