Top repositories
1
Red-Teaming-TTPs
Useful Techniques, Tactics, and Procedures for red teamers and defenders, alike!
538
2
Anti-Virus-Evading-Payloads
During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, delivering a payload through an exploit, or social engineering, running code on target computers is part of most penetration tests. That means that you will need to be able to bypass antivirus software or other host-based protection for successful exploitation. The most effective way to avoid antivirus detection on your target's computers is to create your own customized backdoor. Here is a simple way to evade anti-virus software when creating backdoors!
498
3
Abusing-Roku-APIs
A fun repository on how to externally issue commands to Roku devices utilizing the External Control Protocol (ECP). The repository covers how to enumerate devices, issue commands via "curl," and designing custom scripts to mess with friends and family!
169
4
ScrapPY
ScrapPY is a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists that can be utilized by offensive security tools to perform brute force, forced browsing, and dictionary attacks against targets. The tool dives deep to discover keywords and phrases leading to potential passwords or hidden directories.Python
96
5
WindowsKiller
Generates a flood of Router Advertisements (RA) with random source MAC addresses and IPv6 prefixes. Computers, which have stateless autoconfiguration enabled by default (every major OS), will start to compute IPv6 suffix and update their routing table to reflect the accepted announcement. This will cause 100% CPU usage on Windows and platforms, preventing to process other application requests.Lua
88
6
Obfusc8ted
You and the AppleLabs' Incident Response Team have been notified of a potential breach to a Human Resources' workstation. According to the Human Resources representative, they did not notice any anomalous activity while browsing the web, but the AppleLabs' system information and event management (SIEM) instance alerted on a suspicious domain. Moments later, the host-based intrusion detection system (HIDS) alerted on several malicious programs acting as potential keyloggers. While the AppleLabs' IT and Incident Response Teams struggle to find the answers, can you lend us your digital forensic experience to hunt down this threat actor?
72
7
ExtraTerrestrial
As an Open Source Intelligence analyst, you have been tasked with locating Activia Productions' project manager and recruiter, Khalil Askerman, who disappeared shortly after leaving for a company sponsored trip. According to family and friends, Khalil was a loveable guy who enjoyed the little things in life like going to Waffle House at 2 A.M after a night of wearing out the company credit card with clients on scented dry erase markers and LonelyFans. Can you assist Activia Productions in finding their missing project manager?
70
8
DNS-Fender
A Proof-of-Concept tool utilizing open DNS resolvers to produce an amplification attack against web servers. Using Shodan APIs and native Linux commands, this tool is in development to cripple web servers using spoofed DNS recursive queries.Shell
54
9
Rotty.py
Rotty.py delivers a cross-platform solution for performing simple home network monitoring. Utilizing network mapping, service enumeration, and port scanning capabilities, Rotty will monitor your home network and report any significant changes that occur via email. This simple script will give you visibility and insight into the dynamic and ever-changing environment of your network.Python
53
10
APOLOGEE
APOLOGEE is a Python script and Metasploit module that enumerates a hidden directory on Siemens APOGEE PXC BACnet Automation Controllers (all versions prior to V3.5) and TALON TC BACnet Automation Controllers (all versions prior to V3.5). With a 7.5 CVSS, this exploit allows for an attacker to perform an authentication bypass using an alternate path or channel to access hidden directories in the web server. This repository takes advantage of CVE-2017-9947.Python
38
11
Enumerating-ICS-SCADA-Devices
A compilation of scripts and scans for discovering and enumerating industrial control and SCADA devices. Utilizing open-source tools, I have compiled scans and scripts for targeting Operational Technology (OT) devices and hosts!Ruby
31
12
SIMATIC-SMACKDOWN
A compact and simple program targeting SIMATIC S7 Programmable Logic Controllers (PLCs) written in Go. Allowing for cross-compilation to target multiple operating systems out of the box, SIMATIC-SMACKDOWN enumerates networks for S7 devices before launching a distributed attack to STOP PLC CPUs.Go
30
13
Automator-Terminator
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.Python
29
14
RoseSecurity
13
15
Enum_AzureSubdomains
A Metasploit Auxiliary module for enumerating public Azure services by locating valid subdomains through various DNS queries.Ruby
9