
GitHub Project Resource List

Resource-List

A collection of useful GitHub projects loosely categorised. I may end up adding non-GitHub projects + KB-style links for topics.

pwnd

  • ODAT Oracle Database Attack Tool:

    • https://github.com/quentinhardy/odat
  • clusterd framework, attacking JBoss, CF, WebLogic, Tomcat, Railo, Axis2, Glassfish:

    • https://github.com/hatRiot/clusterd
  • JexBoss - JBoss verify and EXploitation Tool:

    • https://github.com/joaomatosf/jexboss
  • The Backdoor Factory Proxy (BDFProxy):

    • https://github.com/secretsquirrel/BDFProxy
  • impacket:

    • https://github.com/CoreSecurity/impacket
  • CrackMapExec Windows/Active Directory swiss army knife:

    • https://github.com/byt3bl33d3r/CrackMapExec
  • commix:

    • https://github.com/stasinopoulos/commix
  • beef-drive, beef framework with WebRTC:

    • https://github.com/tsu-iscd/beef-drive
  • VirtuaPlant Industrial Control Systems simulator:

    • https://github.com/jseidl/virtuaplant
  • Responder, LLMNR, NBT-NS and MDNS poisoner, with built-in HTTP/SMB/MSSQL/FTP/LDAP rogue authentication server supporting NTLMv1/NTLMv2/LMv2, Extended Security NTLMSSP and Basic HTTP authentication:

    • https://github.com/SpiderLabs/Responder
  • WSUSpect Proxy - a tool for MITM'ing insecure WSUS connections:

    • https://github.com/ctxis/wsuspect-proxy
  • Potato, NTLM relay PrivEsc:

    • https://github.com/foxglovesec/Potato
  • jdwp-shellifier (Java Debug Wire Protocol):

    • https://github.com/stufus/jdwp-shellifier
  • foxglovesec JavaUnserializeExploits:

    • https://github.com/foxglovesec/JavaUnserializeExploits
  • KeeFarce, extraction of KeePass 2.x password database information from memory:

    • https://github.com/denandz/KeeFarce
  • Wolves Among the Sheep, MD5 hash collision:

    • https://github.com/silentsignal/sheep-wolf/
  • TDL (Turla Driver Loader). Driver loader for bypassing Windows x64 Driver Signature Enforcement:

    • https://github.com/hfiref0x/TDL
  • Ebowla, framework for Making Environmental Keyed Payloads:

    • https://github.com/Genetic-Malware/Ebowla
  • CVE-2016-1287 POC, IKEv1/v2 buffer overflow:

    • https://github.com/exodusintel/disclosures/blob/master/CVE_2016_1287_PoC
  • SubTee, AllTheThings -> Includes 5 Known Application Whitelisting Bypass Techniques in One File:

    • https://github.com/subTee/AllTheThings
  • IAT_POC, IAT based payload, that bypasses DEP/ASLR protections in EMET:

    • https://github.com/ShellcodeSmuggler/IAT_POC
  • XRulez, Windows executable that can add malicious rules to Outlook:

    • https://github.com/mwrlabs/XRulez

PowerShell

  • BloodHound, Six Degrees of Domain Admin:

    • https://github.com/adaptivethreat/Bloodhound
  • PowerSploit - A PowerShell Post-Exploitation Framework:

    • https://github.com/PowerShellMafia/PowerSploit
  • PowerShellArsenal, PowerShell Module Dedicated to Reverse Engineering:

    • https://github.com/mattifestation/PowerShellArsenal
  • Empire, post-exploitation framework:

    • https://github.com/powershellempire/empire
  • PowerShell Empire Web Interface using the REST API interface:

    • https://github.com/interference-security/empire-web
  • PowerShell live disk forensics platform:

    • https://github.com/Invoke-IR/PowerForensics
  • PowerMemory:

    • https://github.com/giMini/PowerMemory
  • KeeThief, methods for attacking KeePass 2.X databases, including extracting of encryption key material from memory:

    • https://github.com/adaptivethreat/KeeThief
  • mimikittenz, a post-exploitation powershell tool for extracting juicy info from memory:

    • https://github.com/putterpanda/mimikittenz
  • Inveigh, LLMNR/NBNS spoofer/man-in-the-middle tool:

    • https://github.com/Kevin-Robertson/Inveigh
  • PowerUpSQL: A PowerShell Toolkit for Attacking SQL Server:

    • https://github.com/NetSPI/PowerUpSQL
  • PoshPrivilege, add/remove privileges to an account/group on a local machine as well as enabling or disabling existing privileges which are applied to a current user's process token:

    • https://github.com/proxb/PoshPrivilege
  • Tater, PowerShell implementation of Hot Potato PrivEsc:

    • https://github.com/Kevin-Robertson/Tater
  • PowerShell code execution and process injection techniques:

    • https://github.com/3gstudent/Code-Execution-and-Process-Injection
  • PoshRat, PowerShell Reverse HTTP(s) Shell:

    • https://github.com/subTee/PoshRat
  • p0wnedShell, PowerShell Runspace Post Exploitation Toolkit:

    • https://github.com/Cn33liz/p0wnedShell
  • PSAttack, a portable console aimed at making pentesting with PowerShell a little easier:

    • https://github.com/jaredhaight/PSAttack
  • OutlookPersistence:

    • https://github.com/enigma0x3/OutlookPersistence
  • Babadook, connection-less PowerShell persistent and resilient backdoor:

    • https://github.com/jseidl/Babadook
    • https://wroot.org/posts/babadook-connection-less-powershell-persistent-and-resilient-backdoor/
  • ps1-toolkit, obfuscated penetration testing PowerShell scripts:

    • https://github.com/vysec/ps1-toolkit
  • Windows 10 hardening:

    • https://gist.github.com/alirobe/7f3b34ad89a159e6daa1

CTF

  • CTF-Workshop:

    • https://github.com/kablaa/CTF-Workshop
  • ctf-tools:

    • https://github.com/zardus/ctf-tools
  • Mechanical Phish framework for the DARPA Cyber Grand Challenge (@shellphish):

    • https://github.com/mechaphish
  • pwntools, CTF framework used by Gallopsled:

    • https://github.com/Gallopsled/pwntools
  • Awesome CTF, tool list:

    • https://github.com/apsdehal/awesome-ctf
  • binjitsu:

    • https://github.com/binjitsu/binjitsu
  • 32/64 bit Intel shellcode for CTF style exploitation:

    • https://github.com/isislab/Shellcode
  • preeny, payloads for binary patching:

    • https://github.com/zardus/preeny
  • Eh'Trace (pronounced ATrace) is a binary tracing tool for Windows:

    • https://github.com/K2/EhTrace
  • flare-ida, IDA Pro scripts and plugins by the FireEye FLARE team:

    • https://github.com/fireeye/flare-ida
  • HexRaysCodeXplorer, IDA plugin for better code navigation:

    • https://github.com/REhints/HexRaysCodeXplorer
  • Qira, timeless debugger:

    • https://github.com/BinaryAnalysisPlatform/qira
  • Binary Ninja Python:

    • https://github.com/Vector35/binaryninja-python
  • radare2:

    • https://github.com/radare/radare2
  • Triton dynamic binary analysis framework:

    • https://github.com/JonathanSalwan/Triton
  • angr binary analysis framework:

    • https://github.com/angr/angr
  • Capstone disassembly/disassembler framework:

    • https://github.com/aquynh/capstone
  • Snowman Decompiler:

    • https://github.com/yegord/snowman
  • Pin unpacking and anti-evasion:

    • https://github.com/Seba0691/pin_unpacking_antievasion
  • tesseract-ocr:

    • https://github.com/tesseract-ocr/tesseract
  • xortool, analyze multi-byte xor cipher:

    • https://github.com/hellman/xortool
  • flare-floss, FireEye Obfuscated String Solver:

    • https://github.com/fireeye/flare-floss
  • FernFlower Java decompiler:

    • https://github.com/fesh0r/fernflower
  • dnSpy, .NET assembly editor, decompiler, and debugger:

    • https://github.com/0xd4d/dnSpy
  • JPEXS Free Flash Decompiler:

    • https://github.com/jindrapetrik/jpexs-decompiler
  • Robust ABC (ActionScript Bytecode) [Dis-]Assembler (RABCDAsm):

    • https://github.com/CyberShadow/RABCDAsm
  • WinAFL, a fork of AFL for fuzzing Windows binaries:

    • https://github.com/ivanfratric/winafl
  • Gray Hat C#:

    • https://github.com/brandonprry/gray_hat_csharp_code
  • CTF write-ups by PPP:

    • https://github.com/pwning/public-writeup
  • CTFs -> CTF write-ups:

    • https://github.com/ctfs
  • Modern Binary Exploitation RPISEC:

    • https://github.com/RPISEC/MBE
  • HeXA CTF Platform:

    • https://github.com/L34p/HeXA-CTF-2015
  • CTFd:

    • https://github.com/isislab/CTFd
  • Christmas-CTF:

    • https://github.com/brian020305/Christmas-CTF
  • CTF scoreboard:

    • https://github.com/ShySec/scrimmage-scoreboard
  • DefCon CTF VM:

    • http://fuzyll.com/2016/the-defcon-ctf-vm/
    • https://github.com/fuzyll/defcon-vm

Malware

  • GRR Rapid Response:

    • https://github.com/google/grr
  • Viper, Binary analysis framework:

    • https://github.com/viper-framework/viper
  • pafish, detect sandboxes and analysis environments in the same way as malware families do:

    • https://github.com/a0rtega/pafish
  • yara:

    • https://github.com/plusvic/yara/
  • Course materials for Malware Analysis by RPISEC (2015):

    • https://github.com/RPISEC/Malware
  • APTnotes, various public documents, whitepapers and articles about APT campaigns:

    • https://github.com/kbandla/APTnotes
  • QuasarRAT (c#):

    • https://github.com/quasar/QuasarRAT
  • browsersploit, advanced browser exploit pack for doing internal and external pentesting:

    • https://github.com/julienbedard/browsersploit
  • HellKitty-In-VC Ring3 Rootkit:

    • https://github.com/aaaddress1/HellKitty-In-VC
  • PowerWorm, PowerShell-based malware:

    • https://github.com/mattifestation/PowerWorm
  • Anti Sandbox and Anti Virtual Machine Tool:

    • https://github.com/AlicanAkyol/sems
  • JSDetox, JavaScript deobfuscation:

    • https://github.com/svent/jsdetox
  • CapTipper, analyze, explore and revive HTTP malicious traffic:

    • https://github.com/omriher/CapTipper