Standalone man-in-the-middle attack framework used for phishing login credentials along with session cookies, allowing for the bypass of 2-factor authentication

PowerSploit - A PowerShell Post-Exploitation Framework

Red Team Attack Lab for TTP testing & research

Next Generation DorX. Built by Dorks, for Dorks. 🤓

Passive internal reconnaissance tool

Useful Cobalt Strike Beacon Object Files (BOFs) used during red teaming and penetration testing engagements.

OpenDocMan - Free PHP Document Management System DMS

😱 A curated list of amazingly awesome OSINT

Testing out vagrant to spin up an AD lab

A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWHF 2018 security conference

MSFvenom Payload Creator (MSFPC)

Proof of concept MacOS post exploitation tool written in Swift. Designed as a POC for blue teams to build macOS detections. Author: Cedric Owens

Blackbox tool to disable SSL certificate validation - including certificate pinning - within iOS and OS X Apps

open-source jailbreaking tool for many iOS devices

The full story of the CLR implementation of Meterpreter

A curated list of awesome command-line frameworks, toolkits, guides and gizmos. Inspired by awesome-php.

A threaded, recursive, web directory brute-force scanner over HTTP/2.

Network Pivoting Toolkit

A fast TCP tunnel over HTTP

Java deserialization examples

Cross compiling reverse/bind shell payload dropper

Use unicornscan to quickly scan all open ports, and then pass the open ports to nmap for detailed scans.

Exploits written by the Rhino Security Labs team

Automatic SQL injection and database takeover tool

NSA finest tool

Used for the osce exam preparation