Kraken
A powerful Python-based tool designed to centralize and streamline brute-forcing tasks. Kraken provides a suite of tools for #cybersecurity professionals to efficiently perform brute-force attacks across various protocols and services.
https://github.com/jasonxtn/Kraken
#bugbounty #infosec #pentesting
ByeDPI for Android
#Android application that runs a local #VPN service to bypass DPI (Deep Packet Inspection) and censorship.
https://github.com/dovecoteescapee/ByeDPIAndroid
#cybersecurity #infosec #privacy
Top Secret Detection Tools
Powerful tools designed to detect secret leaks.
• https://github.com/trufflesecurity/trufflehog
• https://github.com/newrelic/rusty-hog
• https://github.com/Yelp/detect-secrets
• https://github.com/gitleaks/gitleaks
• https://github.com/awslabs/git-secrets
• https://github.com/tillson/git-hound
• https://github.com/secretlint/secretlint
• https://github.com/secretlint/webextension
#cybersecurity #infosec #bugbounty
SGN
A polymorphic binary encoder for offensive security purposes such as generating statically undetectable binary payloads. It uses an additive feedback loop to encode given binary instructions, similar to an LFSR.
https://github.com/EgeBalci/sgn
#cybersecurity #pentesting #redteam
File Tunnel
Tunnel TCP connections through a file.
https://github.com/fiddyschmitt/File-Tunnel
#cybersecurity #infosec #privacy
🖧🔍 NetAlertX
#WIFI / LAN intruder detector. Scans for devices connected to your network and alerts you if new and unknown devices are found.
https://github.com/jokob-sk/NetAlertX
#cybersecurity #infosec #pentesting
FWT
A security analysis and file monitoring tool that utilizes Sysmon events.
https://github.com/iomoath/FileWatchTower
#cybersecurity #infosec #blueteam
RemoteKrbRelay
Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
https://github.com/CICADA8-Research/RemoteKrbRelay
#cybersecurity #pentesting #redteam
Subprober
A powerful and efficient tool designed for penetration testers and security professionals. This release introduces several enhancements, bug fixes, and new features to elevate your subdomain probing experience. Subprober facilitates fast and reliable information extraction, making it an invaluable asset for penetration testing workflows.
https://github.com/RevoltSecurities/SubProber
#cybersecurity #infosec #bugbounty
smbclient-ng
A fast and user-friendly way to interact with SMB shares.
https://github.com/p0dalirius/smbclient-ng
#cybersecurity #infosec #pentesting
IPPrint C2
PoC for using MS Windows printers for persistence / command and control via Internet Printing
https://github.com/Diverto/IPPrintC2
#cybersecurity #infosec #redteam
nowafpls
Burp Plugin to Bypass WAFs through the insertion of Junk Data.
https://github.com/assetnote/nowafpls
#pentesting #redteam #bugbounty
SigmaPotato
SeImpersonate privilege escalation tool for Windows 8 - 11 and Windows Server 2012 - 2022 with extensive PowerShell and .NET reflection support.
https://github.com/tylerdotrar/SigmaPotato
#cybersecurity #pentesting #redteam
Passive Aggression
This repo contains test samples and proof-of-concept code for achieving passive persistence in Active Directory (AD) environments, even after remediation efforts. Some of these techniques may result in an eternal persistence scenario, where an attacker does not need to have access to domain controllers or domain joined machines, allowing them to continuously persist in the network without detection.
https://github.com/huntandhackett/PassiveAggression
#cybersecurity #redteam #pentesting
👺TotalRecall
This tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.
https://github.com/xaitax/TotalRecall
#cybersecurity #pentesting #redteam
Shodan Dorks
This GitHub repo offers Shodan "dorks" to help find vulnerabilities in internet-connected devices like webcams and routers. Great for both beginners and pros in network security.
https://github.com/nullfuzz-pentest/shodan-dorks
#cybersecurity #infosec #pentesting
Entropy
A CLI tool that will scan your codebase for high entropy lines, which are often secrets.
https://github.com/EwenQuim/entropy
#cybersecurity #infosec #bugbounty
Open Source Scanners
A list of open source web security scanners on GitHub and GitLab, ordered by Stars. It does not provide in-depth analysis - for more analysis or a wider range of tools.
https://github.com/psiinon/open-source-web-scanners
#cybersecurity #pentesting #bugbounty
JSluice URL and Secrets Processor
This tool recursively processes JavaScript files to extract URLs and secrets using the jsluice command-line utility. It starts with an initial URL, processes all JavaScript files it encounters, and outputs a comprehensive list of unique URLs and any secrets found.
https://github.com/nullenc0de/gofuzz
#pentesting #redteam #bugbounty
🕵️‍♂️ Sniffnet
A network monitoring tool to help you easily keep track of your Internet traffic.
🏷 select a set of filters to apply to the observed traffic
📖 view overall statistics about your Internet traffic
📈 view real-time charts about traffic intensity
📌 keep an eye on your network even when the application is minimized
📁 export comprehensive capture reports as PCAP files
🔎 identify 6000+ upper layer services, protocols, trojans, and worms
🌐 find out domain name and ASN of the hosts you are exchanging traffic with
🏠 identify connections in your local network
🌍 discover the geographical location of the remote hosts
🕵️‍♂️ inspect each of your network connections in real time
... and more!
https://github.com/GyulyVGC/sniffnet
#cybersecurity #infosec #pentesting
Awesome-Google-Dorks
A collection of Awesome Google Dorks.
https://github.com/Tobee1406/Awesome-Google-Dorks
#cybersecurity #infosec
DumpMDEConfig PowerShell Script
PowerShell script to dump Microsoft Defender Config, protection history and Exploit Guard Protection History (no admin privileges required).
https://github.com/BlackSnufkin/Invoke-DumpMDEConfig
#cybersecurity #pentesting #redteam
GoRedOps
A collection of Golang projects designed specifically for red teamers and offensive security operations. This repository provides various tools and techniques essential for penetration testing, exploitation, and security research.
https://github.com/EvilBytecode/GoRedOps
#cybersecurity #pentesting #redteam
ScriptBlock Smuggling
A new technique that allows for the spoofing of PowerShell security logs and bypasses AMSI without the need for reflection or memory patching.
https://github.com/BC-SECURITY/ScriptBlock-Smuggling
Details:
https://bc-security.org/scriptblock-smuggling
#infosec #pentesting #redteam
PWA-Phishing
This repository is simply to demonstrate how PWA phishing works.
https://github.com/mrd0x/PWA-Phishing
#cybersecurity #pentesting #redteam
ConPass
Python tool for continuous password spraying taking into account the password policy.
https://github.com/login-securite/conpass
#pentesting #redteam #bugbounty
🛡SafeLine
A simple, lightweight, locally deployable WAF; it is the best WAF for webmasters.
It serves as a reverse proxy to protect your website from network attacks, including OWASP attacks, zero-day attacks, web crawlers, vulnerability scanning, vulnerability exploitation, HTTP floods and so on.
• Cumulative installations exceed 130,000 units
• Protecting over 1,000,000 websites
• Processing HTTP requests over 30,000,000,000 times per day
• Intercepting attacks over 50,000,000 times per day
https://github.com/chaitin/SafeLine
#cybersecurity #infosec #blueteam
Disabling Tamper Protection
It is possible to abuse SYSTEM / TrustedInstaller privileges to tamper with or delete WdFilter settings (ALTITUDE regkey) and unload the kernel minidriver to disable Tamper Protection and other Defender components. This also affects Microsoft's Defender for Endpoint (MDE), blinding MDE to telemetry and activity performed on a target.
https://github.com/AlteredSecurity/Disable-TamperProtection
#cybersecurity #redteam #pentesting
🌐 Freeway
A Python scapy-based tool for WiFi penetration testing that aims to help ethical hackers and pentesters develop their skills and knowledge in auditing and securing home or enterprise networks.
• IEEE 802.11 Packet Monitoring
• Deauthentication Attack
• Beacon Flood
• Packet Fuzzer
• Network Audit
• Channel Hopper
• Evil Twin
https://github.com/FLOCK4H/Freeway
#cybersecurity #infosec #pentesting
🥠 CookieKatz
A project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.
• Support dumping cookies from Chrome's Incognito and Edge's In-Private processes
• Access cookies of other users' browsers when running elevated
• Dump cookies from webview processes
• No need to touch on-disk database file
• DPAPI keys not needed to decrypt the cookies
• Parse cookies offline from a minidump file
https://github.com/Meckazin/ChromeKatz
#cybersecurity #pentesting #redteam