offensivesecurity

A collection of techniques, examples and a little bit of theory for manually obfuscating PowerShell scripts to achieve AV evasion, compiled for educational purposes. The contents of this repository ar...

OSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines

Red Team Toolkit is an Open-Source Django Offensive Web-App which is keeping the useful offensive tools used in the red-teaming together.

WiFi Penetration Testing Guide

Discover new target domains using Content Security Policy

A Burp extension helps identifying injection flaws (LFI, RCE, SQLi), authentication/authorization issues, and HTTP 403 access violations, while also converting HTTP requests to JavaScript for enhanced...

The Most Advanced Client-Side Prototype Pollution Scanner

one-stop resource for all things offensive security.

「💀」Proof of concept on BYOVD attack

SQLMutant is a powerful SQL injection testing tool that includes both passive and active reconnaissance processes for any given domain. It filters URLs to identify those with parameters susceptible to...

The Most Advanced Client-Side Prototype Pollution Scanner

This comprehensive and central repository is designed for cybersecurity enthusiasts, researchers, and professionals seeking to stay ahead in the field. It provides a valuable resource for those dedica...

Chalumeau is automated,extendable and customizable credential dumping tool based on powershell and python.

fsociety is a penetration toolkit inspired from MR. ROBOT

「⚠️」Performing a BYOVD on the truesight.sys driver

Our repo for crushing through RTO course & labs.

A nostalgic journey back to the era of retro RPGs with a cyber twist in the theme of Die Hard

urlyzer is a URL parsing analysis tool.

My experiments in weaponizing ONOS applications (https://github.com/opennetworkinglab/onos)