diff --git a/README.md b/README.md
index 8a06e4b..f44bc4c 100644
--- a/README.md
+++ b/README.md
@@ -161,6 +161,10 @@ This repository is created as an online bookmark for useful links, resources and
aboul3la/Sublist3r |
Fast subdomains enumeration tool for penetration testers |
+
+ Acheron-VAF/Acheron |
+ Acheron is a RESTful vulnerability assessment and management framework built around search and dedicated to terminal extensibility. |
+
ambionics/phpggc |
PHPGGC is a library of unserialize() payloads along with a tool to generate them, from command line or programmatically. |
@@ -181,6 +185,14 @@ This repository is created as an online bookmark for useful links, resources and
brannondorsey/dns-rebind-toolkit |
A front-end JavaScript toolkit for creating DNS rebinding attacks. |
+
+ BishopFox/h2csmuggler |
+ HTTP Request Smuggling over HTTP/2 Cleartext (h2c) |
+
+
+ danmar/cppcheck |
+ static analysis of C/C++ code |
+
facebook/pyre-check/ |
Performant type-checking for python. |
@@ -206,6 +218,10 @@ This repository is created as an online bookmark for useful links, resources and
mazen160/bfac |
BFAC (Backup File Artifacts Checker): An automated tool that checks for backup artifacts that may disclose the web-application's source code. |
+
+ microsoft/onefuzz |
+ A self-hosted Fuzzing-As-A-Service platform |
+
mindedsecurity/JStillery |
Advanced JS Deobfuscation via Partial Evaluation. |
@@ -230,6 +246,10 @@ This repository is created as an online bookmark for useful links, resources and
Public WWW |
Source Code Search Engine |
+
+ pumasecurity/puma-scan |
+ Puma Scan is a software security Visual Studio extension that provides real time, continuous source code analysis as development teams write code. Vulnerabilities are immediately displayed in the development environment as spell check and compiler warnings, preventing security bugs from entering your applications. |
+
pwntester/ysoserial.net |
Deserialization payload generator for a variety of .NET formatters |
@@ -556,6 +576,10 @@ This repository is created as an online bookmark for useful links, resources and
prevade/cloudjack |
Route53/CloudFront Vulnerability Assessment Utility |
+
+ pumasecurity/serverless-prey |
+ Serverless Functions for establishing Reverse Shells to Lambda, Azure Functions, and Google Cloud Functions |
+
random-robbie/slurp |
Enumerate S3 buckets via certstream, domain, or keywords |
@@ -773,6 +797,10 @@ This repository is created as an online bookmark for useful links, resources and
cryps1s/DARKSURGEON |
DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. |
+
+ cyb3rfox/Aurora-Incident-Response |
+ Incident Response Documentation made easy. Developed by Incident Responders for Incident Responders |
+
Cyb3rWard0g/HELK |
A Hunting ELK (Elasticsearch, Logstash, Kibana) with advanced analytic capabilities. |
@@ -909,6 +937,14 @@ This repository is created as an online bookmark for useful links, resources and
MalwareSoup/MitreAttack |
Python wrapper for the Mitre ATT&CK framework API |
+
+ markbaggett/srum-dump |
+ A forensics tool to convert the data in the Windows srum (System Resource Usage Monitor) database to an xlsx spreadsheet. |
+
+
+ markbaggett/werejugo |
+ Identifies physical locations where a laptop has been based upon wireless profiles and wireless data recorded in event logs |
+
mozilla/audit-go |
Linux Audit Plugin for heka written using netlink Protocol in golang and Lua |
@@ -1086,6 +1122,10 @@ This repository is created as an online bookmark for useful links, resources and
gellin/TeamViewer_Permissions_Hook_V1 |
A proof of concept injectable C++ dll, that uses naked inline hooking and direct memory modification to change your TeamViewer permissions. |
+
+ HASecuritySolutions/VulnWhisperer |
+ Create actionable data from your Vulnerability Scans |
+
hasherezade/process_doppelganging |
My implementation of enSilo's Process Doppelganging (PE injection technique) |
@@ -1209,10 +1249,6 @@ This repository is created as an online bookmark for useful links, resources and
CapacitorSet/box-js |
A tool for studying JavaScript malware |
-
- CAPEv2 Sandbox |
- CAPE Sandbox |
-
CERT-Polska/drakvuf-sandbox |
DRAKVUF Sandbox - automated hypervisor-level malware analysis system |
@@ -1437,6 +1473,10 @@ This repository is created as an online bookmark for useful links, resources and
mohamedaymenkarmous/alienvault-otx-api-html |
AlienVault OTX API-based project with HTML (pure HTML or mixed PNG screenshots) reports pages that looks like the real AlienVault OTX website |
+
+ NavyTitanium/Fake-Sandbox-Artifacts |
+ This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malwares that looks for VM or analysis tools |
+
nbeede/BoomBox |
Automatic deployment of Cuckoo Sandbox malware lab using Packer and Vagrant |
@@ -1564,10 +1604,6 @@ This repository is created as an online bookmark for useful links, resources and
VX Vault |
VX Vault |
-
-
- vx-undergroud |
- A Malware Block is a compressed 7z file with 40,000 malicious binaries. Each binary is listed in an accompanied 'File listing'. Each block is 100% unique. |
zerosum0x0/smbdoor |
@@ -1662,6 +1698,10 @@ This repository is created as an online bookmark for useful links, resources and
quark-engine/quark-engine |
An Obfuscation-Neglect Android Malware Scoring System |
+
+ RealityNet/kobackupdec |
+ Huawei backup decryptor |
+
sensepost/objection |
objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. |
@@ -1695,6 +1735,14 @@ This repository is created as an online bookmark for useful links, resources and
aol/moloch |
Moloch is an open source, large scale, full packet capturing, indexing, and database system |
+
+ austin-taylor/flare |
+ An analytical framework for network traffic and behavioral analytics |
+
+
+ crowdsecurity/crowdsec/ |
+ Crowdsec - An open-source, lightweight agent to detect and respond to bad behaviours. It also automatically benefits from our global community-wide IP reputation database. |
+
blechschmidt/massdns |
A high-performance DNS stub resolver for bulk lookups and reconnaissance (subdomain enumeration) |
@@ -1703,6 +1751,10 @@ This repository is created as an online bookmark for useful links, resources and
byt3bl33d3r/MITMf |
Framework for Man-In-The-Middle attacks |
+
+ dhoelzer/ShowMeThePackets |
+ Useful network monitoring, analysis, and active response tools used or mentioned in the SANS SEC503 course |
+
DNSdumpster.com |
dns recon & research, find & lookup dns records |
@@ -1719,6 +1771,14 @@ This repository is created as an online bookmark for useful links, resources and
infobyte/evilgrade |
Evilgrade is a modular framework that allows the user to take advantage of poor upgrade implementations by injecting fake updates. It comes with pre-made binaries (agents), a working default configuration for fast pentests, and has it's own WebServer and DNSServer modules. Easy to set up new settings, and has an autoconfiguration when new binary agents are set. |
+
+ joswr1ght/cowpatty |
+ coWPAtty: WPA2-PSK Cracking |
+
+
+ joswr1ght/nm2lp |
+ Convert Windows Netmon Monitor Mode Wireless Packet Captures to Libpcap Format |
+
michenriksen/aquatone |
AQUATONE is a set of tools for performing reconnaissance on domain names. It can discover subdomains on a given domain by using open sources as well as the more common subdomain dictionary brute force approach. After subdomain discovery, AQUATONE can then scan the hosts for common web ports and HTTP headers, HTML bodies and screenshots can be gathered and consolidated into a report for easy analysis of the attack surface. |
@@ -1768,6 +1828,10 @@ This repository is created as an online bookmark for useful links, resources and
arch4ngel/peasant |
LinkedIn reconnaissance tool |
+
+ byt3bl33d3r/WitnessMe |
+ Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to make life easier. |
+
CellID Finder |
Find GSM base stations cell id coordinates |
@@ -1904,6 +1968,10 @@ This repository is created as an online bookmark for useful links, resources and
Recon-NG |
Recon-ng is a reconnaissance tool with an interface similar to Metasploit. Running recon-ng from the command line you enter a shell like environment where you can configure options, perform recon and output results to different report types. |
+
+ WebBreacher/WhatsMyName |
+ This repository has the unified data required to perform user enumeration on various websites. Content is in a JSON file and can easily be used in other projects. |
+
WhatsMyName Web |
This tool allows you to enumerate usernames across many websites |
@@ -1978,10 +2046,22 @@ This repository is created as an online bookmark for useful links, resources and
BC-SECURITY/Empire |
Empire is a PowerShell and Python post-exploitation agent. |
+
+ besimorhino/powercat |
+ netshell features all in version 2 powershell |
+
bohops/GhostBuild |
GhostBuild is a collection of simple MSBuild launchers for various GhostPack/.NET projects |
+
+ byt3bl33d3r/CrackMapExec |
+ A swiss army knife for pentesting networks |
+
+
+ byt3bl33d3r/SILENTTRINITY |
+ An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR |
+
cobbr/Covenant |
Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers. |
@@ -2074,18 +2154,6 @@ This repository is created as an online bookmark for useful links, resources and
mattifestation/PoCSubjectInterfacePackage |
A PoC subject interface package (SIP) provider designed to educate about the required components of a SIP provider. |
-
- Ne0nd0g/merlin |
- Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. |
-
-
- OmerYa/Invisi-Shell |
- Hide your Powershell script in plain sight. Bypass all Powershell security features |
-
-
- putterpanda/mimikittenz |
- A post-exploitation powershell tool for extracting juicy info from memory. |
-
mdsecactivebreach/Chameleon |
Chameleon: A tool for evading Proxy categorisation |
@@ -2118,10 +2186,18 @@ This repository is created as an online bookmark for useful links, resources and
NetSPI/goddi |
goddi (go dump domain info) dumps Active Directory domain information |
+
+ nidem/kerberoast |
+ Kerberoast is a series of tools for attacking MS Kerberos implementations. Below is a brief overview of what each tool does. |
+
outflanknl/Recon-AD |
Recon-AD, an AD recon tool based on ADSI and reflective DLL’s |
+
+ OmerYa/Invisi-Shell |
+ Hide your Powershell script in plain sight. Bypass all Powershell security features |
+
peewpw/Invoke-PSImage |
Embeds a PowerShell script in the pixels of a PNG file and generates a oneliner to execute |
@@ -2134,6 +2210,14 @@ This repository is created as an online bookmark for useful links, resources and
Plazmaz/LNKUp |
Generates malicious LNK file payloads for data exfiltration |
+
+ Project Prismatica |
+ Project Prismatica is a focused framework for Command and Control that is dedicated to extensibility. |
+
+
+ putterpanda/mimikittenz |
+ A post-exploitation powershell tool for extracting juicy info from memory. |
+
secretsquirrel/SigThief |
Stealing Signatures and Making One Invalid Signature at a Time |
@@ -2179,6 +2263,10 @@ This repository is created as an online bookmark for useful links, resources and
Link |
Description |
+
+ AlteredSecurity/365-Stealer/ |
+ 365-Stealer is the tool written in python3 which steals data from victims office365 by using access_token which we get by phishing. It steals outlook mails, attachments, OneDrive files, OneNote notes and injects macros. |
+
boxug/trape |
People tracker on the Internet: Learn to track the world, to avoid being traced. |