لتثبيت نظام لينكس الفرعي wslg
https://github.com/microsoft/wslg

windows terminal
https://github.com/microsoft/terminal

#arsenal
git clone https://github.com/Orange-Cyberdefense/arsenal

# cd arsenal
# pip install -r requirements.txt
# ./run
or # cd mindmap

Tool to discover external and internal network attack surface
متطلبات أساسية
Latest version of Kali Linux
16 GB of RAM at least
1 TB HD - XFS filesystem recommended

As root
git clone https://github.com/vmware-labs/attack-surface-framework.git /opt/asf

# cd /opt/asf/
# ./setup.sh
Assign youruser, email and yourpass Once the installation is completed
# cd /opt/asf/frontend/asfgui/
# bin/activate
# python3 manage.py runserver
and set server

#CVE-2021-41773 playground
Apache HTTP Server 2.4.49

https://github.com/blasty/CVE-2021-41773

Metasploit modules (scanner and exploit) for the CVE-2021-41773 and CVE-2021-42013 (Path Traversal in Apache 2.4.49/2.4.50)
https://github.com/Zeop-CyberSec/apache_normalize_path/commits/master

Apachuk - CVE-2021-41773 Grabber with Shodan
https://github.com/apapedulimu/Apachuk

Remote Code Execution V1 For iOS 15 sent through airdrop after the device was connected to a trusted host

https://github.com/jonathandata1/ios_15_rce

Bindiff and POC for the IOMFB vulnerability, iOS 15.0.2

https://saaramar.github.io/IOMFB_integer_overflow_poc/

Apache (Linux) CVE-2021-41773/2021-42013 Mass Vulnerability Checker

https://github.com/im-hanzou/apachrot

CVE-2021-29337 - Privilege Escalation in MODAPI.sys (MSI Dragon Center)

https://github.com/rjt-gupta/CVE-2021-29337

Scan installed EDRs and AVs on Windows https://github.com/FourCoreLabs/EDRHunt

#kill_edr
A tool to kill antimalware protected processes https://github.com/Yaxser/Backstab

All-in-One #malware_analysis tool

https://github.com/CYB3RMX/Qu1cksc0pe

The Ultimate #OSINT and Threat Hunting Framework
Blockchain Search
Domain Fuzzer
Twitter Scraper
Instagram Search
Have I Been Pwned Search
Ahmia Darkweb Search
IP Stack Search
Threat Crowd Search
Yandex and Naver Search
Vkontakte Search
Vulners Search and more .. .

https://github.com/matamorphosis/Scrummage

ProxyToken (CVE-2021-33766) : An Authentication Bypass in Microsoft Exchange Server #poc exploit
https://github.com/bhdresh/CVE-2021-33766

#poc CVE-2021-37980 : Inappropriate implementation in Sandbox (windows only)
https://github.com/ZeusBox/CVE-2021-37980

My take on CVE-2021-30858 #poc for ps4 8.xx It's just a POC
https://github.com/PeterMxx/ps4_8.00_vuln_poc

A simple Python proof of concept for CVE-2021-38295
https://github.com/ProfessionallyEvil/CVE-2021-38295-PoC

apache httpd path traversal checker(CVE-2021-41773 / CVE-2021-42013)
https://github.com/theLSA/apache-httpd-path-traversal-checker

#stateafl a coverage driven greybox fuzzer for stateful network protocols

https://github.com/stateafl/stateafl

#Sysmon_For_Linux
build and install instructions

https://github.com/Sysinternals/SysmonForLinux

#Finger is a function symbol recognition engine for binary programs developed by Alibaba Cloud · Cloud Security Technology Lab, which aims to help security researchers identify unknown library functions in a given binary file

https://github.com/aliyunav/Finger

#sleep_python_bridge It allows the control of a Cobalt Strike teamserver through python without the need for for the standard GUI client.

https://github.com/Cobalt-Strike/sleep_python_bridge