Resource-List
A collection of useful GitHub projects loosely categorised. I may end up adding non-GitHub projects + KB-style links for topics.
pwnd
-
ODAT Oracle Database Attack Tool:
-
clusterd framework, attacking JBoss, CF, WebLogic, Tomcat, Railo, Axis2, Glassfish:
-
JexBoss - Jboss verify and EXploitation Tool:
-
The Backdoor Factory Proxy (BDFProxy):
-
impacket:
-
CrackMapExec Windows/Active Directory swiss army knife:
-
commix:
-
beef-drive, beef framework with WebRTC:
-
VirtuaPlant Industrial Control Systems simulator:
-
Responder, LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication:
-
WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections:
-
Potato, NTLM relay PrivEsc:
-
jdwp-shellifier (Java Debug Wire Protocol):
-
foxglovesec JavaUnserializeExploits:
-
KeeFarce, extraction of KeePass 2.x password database information from memory:
-
Wolves Among the Sheep, MD5 hash collision:
-
TDL (Turla Driver Loader). Driver loader for bypassing Windows x64 Driver Signature Enforcement:
-
Ebowla, framework for Making Environmental Keyed Payloads:
-
CVE-2016-1287 POC: IKEv1/v2 buffer overflow
-
SubTee, AllTheThings -> Includes 5 Known Application Whitelisting Bypass Techniques in One File:
-
IAT_POC, IAT based payload, that bypasses DEP/ASLR protections in EMET:
-
XRulez, Windows executable that can add malicious rules to Outlook:
PowerShell
-
BloodHound, Six Degrees of Domain Admin:
-
PowerSploit - A PowerShell Post-Exploitation Framework:
-
PowerShellArsenal, PowerShell Module Dedicated to Reverse Engineering:
-
Empire, post-exploitation framework:
-
PowerShell Empire Web Interface using the REST API interface:
-
PowerShell live disk forensics platform:
-
PowerMemory:
-
KeeThief, methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory:
-
mimikittenz, a post-exploitation powershell tool for extracting juicy info from memory:
-
Inveigh, LLMNR/NBNS spoofer/man-in-the-middle tool:
-
PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server:
-
PoshPrivilege, add/remove privileges to an account/group on a local machine as well as enabling or disabling existing privileges which are applied to a current user's process token:
-
Tater, PowerShell implementation of Hot Potato PrivEsc:
-
Powershell to CodeExecution and ProcessInjection:
-
PoshRat, PowerShell Reverse HTTP(s) Shell:
-
p0wnedShell, PowerShell Runspace Post Exploitation Toolkit:
-
PSAttack, a portable console aimed at making pentesting with PowerShell a little easier:
-
OutlookPersistence:
-
Babadook: Connection-less Powershell Persistent and Resilient Backdoor
-
ps1-toolkit, obfuscated penetration testing PowerShell scripts:
-
Windows 10 hardening:
CTF
-
CTF-Workshop:
-
ctf-tools:
-
Mechanical Phish framework for the DARPA Cyber Grand Challenge (@shellphish):
-
pwntools, CTF framework used by Gallopsled:
-
Awesome CTF, tool list:
-
binjitsu:
-
32/64 bit Intel shellcode for CTF style exploitation:
-
preeny, payloads for binary patching:
-
Eh'Trace (pronounced ATrace) is a binary tracing tool for Windows:
-
flare-ida, IDA Pro scripts and plugins by the FireEye FLARE team:
-
HexRaysCodeXplorer, IDA plugin for better code navigation:
-
Qira, timeless debugger:
-
Binary Ninja Python:
-
radare2:
-
Triton dynamic binary analysis framework:
-
angr binary analysis framework:
-
Capstone disassembly/disassembler framework:
-
Snowman Decompiler:
-
Pin unpacking and anti-evasion:
-
tesseract-ocr:
-
xortool, analyze multi-byte xor cipher:
-
flare-floss, FireEye Obfuscated String Solver:
-
FernFlower Java decompiler:
-
dbSypy, .NET assembly editor, decompiler, and debugger:
-
JPEXS Free Flash Decompiler:
-
Robust ABC (ActionScript Bytecode) [Dis-]Assembler (RABCDAsm):
-
WinAFL, a fork of AFL for fuzzing Windows binaries:
-
Gray Hat C#:
-
CTF write-ups by PPP:
-
CTFs -> CTF write-up's:
-
Modern Binary Exploitation RPISEC:
-
HeXA CTF Platform:
-
CTFd:
-
Christmas-CTF:
-
CTF scoreboard:
-
DefCon CTF VM:
Malware
-
GRR Rapid Response:
-
Viper, Binary analysis framework:
-
pafish, detect sandboxes and analysis environments in the same way as malware families do:
-
yara:
-
Course materials for Malware Analysis by RPISEC (2015):
-
APTnotes, various public documents, whitepapers and articles about APT campaigns:
-
QuasarRAT (c#):
-
browsersploit, advanced browser exploit pack for doing internal and external pentesting:
-
HellKitty-In-VC Ring3 Rootkit:
-
PowerWorm, PowerShell-based malware:
-
Anti Sandbox and Anti Virtual Machine Tool:
-
JSDetox, JavaScript deobfuscation:
-
CapTipper, analyze, explore and revive HTTP malicious traffic: