offensivesecurity

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository ar...

OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines

WiFi Penetration Testing Guide

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

Discover new target domains using Content Security Policy

A Burp Suite extension for identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations. It supports dynamic payload generation, including BCheck s...

The Most Advanced Client-Side Prototype Pollution Scanner

The Most Advanced Client-Side Prototype Pollution Scanner

one-stop resource for all things offensive security.

「💀」Proof of concept on BYOVD attack

SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible to...

This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those dedica...

Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.

fsociety is a penetration toolkit inspired from MR. ROBOT

A lightweight, modular Command and Control (C2) framework built for offensive security research and red teaming (Post Exploitation).

「⚠️」Performing a BYOVD on the truesight.sys driver

Our repo for crushing through RTO course & labs.

A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard

urlyzer is a URL parsing analysis tool.