patching authenticode signed PE files (exe, dll, sys ..etc) without invalidating or breaking the existing signature
https://github.com/med0x2e/SigFlip

Quickly search for references to a GUID in DLLs, EXEs, and drivers
https://github.com/matterpreter/FindETWProviderImage

Dump the memory of a PPL with a userland exploit
https://github.com/itm4n/PPLdump

Stop Windows Defender programmatically
https://github.com/lab52io/StopDefender

MS-FSRVP coercion abuse PoC
https://github.com/ShutdownRepo/ShadowCoerce

Privilege Escalation Enumeration Script for Windows
https://github.com/h4wkst3r/InvisibilityCloak

Offensive PowerShell for red team, penetration testing and offensive security
https://github.com/samratashok/nishang

utility which provides the list of vulnerabilities the OS is vulnerable to, including any exploits for these vulnerabilities
https://github.com/bitsadmin/wesng

A little tool to play with Windows security
https://github.com/vletoux/mimikatz

Zooming in on Zero-click Exploits
https://googleprojectzero.blogspot.com/2022/01/zooming-in-on-zero-click-exploits.html?m=1

Seeyoucm thief Exploiting Common Misconfigurations in Cisco Phone Systems
https://www.trustedsec.com/blog/seeyoucm-thief-exploiting-common-misconfigurations-in-cisco-phone-systems

FIN8 New Ransomware Spotted: White Rabbit and Its Evasion Tactics
https://www.trendmicro.com/en_us/research/22/a/new-ransomware-spotted-white-rabbit-and-its-evasion-tactics

Analysis of Destructive Malware (WhisperGate) targeting Ukraine
https://medium.com/s2wblog/analysis-of-destructive-malware-whispergate-targeting-ukraine-9d5d158f19f3

CVE-2021-21661 Exposing Database info via WordPress SQL injection
https://www.zerodayinitiative.com/blog/2022/1/18/cve-2021-21661-exposing-database-info-via-wordpress-sql-injection

Vulnerable AWS Lambda function Initial access in cloud attacks
https://sysdig.com/blog/exploit-mitigate-aws-lambdas-mitre

Exploit for CVE-2021-25741 vulnerability
https://github.com/Betep0k/CVE-2021-25741

Critical Vulnerabilities in Trend Micro Deep Security Agent for Linux
https://github.com/modzero/MZ-21-02-Trendmicro

Fuzzware's main repository
Start here to install
https://github.com/fuzzware-fuzzer/fuzzware

Files used for reproducing
Fuzzware's experiments
https://github.com/fuzzware-fuzzer/fuzzware-experiments

dirsearch, subfinder, ksubdomain, httpx, nuclei tools to quickly check target assets and perform sensitive files, sensitive paths, and vulnerability verification detection on target assets
https://github.com/ExpLangcn/WanLi

Make your First Malware Honeypot in Under 20 Minutes
https://www.intezer.com/blog/malware-analysis/how-to-make-malware-honeypot

Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike
https://news.sophos.com/en-us/2022/01/19/zloader-installs-remote-access-backdoors-and-delivers-cobalt-strike

CVE-2022-21658 Rust 1.0.0 through Rust 1.58.0 is affected by this vulnerability
https://blog.rust-lang.org/2022/01/20/cve-2022-21658

PoC for cve-2022-21658
https://github.com/sagittarius-a/cve-2022-21658

CVE-2021-32099 SQLi allow attacker bypass login pandora htb
https://github.com/l3eol3eo/CVE-2021-32099_SQLi

PoC for unauthenticated sensitive data disclosure affecting the wp-import-export WordPress plugin
https://github.com/qurbat/CVE-2022-0236

PoC CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
https://github.com/p0dalirius/CVE-2022-21907-http.sys

CISA Adds 13 Known Exploited Vulnerabilities to Catalog
https://www.cisa.gov/uscert/ncas/current-activity/2022/01/18/cisa-adds-13-known-exploited-vulnerabilities-catalog

Metasploit Ex Log4Shell: vCenter RCE
https://github.com/rapid7/metasploit-framework/pull/16050

CVE-2021-30949 - XNU kernel use-after-free in mach_msg
https://bugs.chromium.org/p/project-zero/issues/detail?id=2232

CVE-2021-45467 - CWP CentOS Web Panel - preauth RCE
https://octagon.net/blog/2022/01/22/cve-2021-45467-cwp-centos-web-panel-preauth-rce

CVE-2021-44515 - ZohOwned :: A Critical Authentication Bypass on Zoho ManageEngine Desktop Central
https://srcincite.io/blog/2022/01/20/zohowned-a-critical-authentication-bypass-on-zoho-manageengine-desktop-central

#Phishing Domains, urls websites and threats database
https://github.com/mitchellkrogza/Phishing.Database

Super organized and flexible script for sending #phishing campaigns
https://github.com/KINGSABRI/goCabrito

Easy to use #phishing tool with 65 website templates
https://github.com/KasRoudra/PyPhisher

#Camera phishing tool If anyone opens link generated and permits camera access his/her photo will be captured!
https://github.com/KasRoudra/CamHacker

#PUBG & BGMI Mobile Phishing Tool ID Hack Tool For Online Hacking
https://github.com/OnlineHacKing/PUBG_BGMI-Phishing

#Free_Fire Phishing Tool ID Hack Tool For Online Hacking
https://github.com/OnlineHacKing/FreeFire-Phishing

LoadLibrary for offensive operations
https://github.com/bats3c/DarkLoadLibrary

Hundreds of Offensive and Useful Docker Images for Network Intrusion
https://github.com/cybersecsi/HOUDINI

A Workflow Engine for Offensive Security
https://github.com/j3ssie/osmedeus

Second-order subdomain takeover scanner
https://github.com/mhmdiaa/second-order

bypass IP source restrictions using HTTP headers
https://github.com/p0dalirius/ipsourcebypass

weaponize a vulnerable signed driver to bypass EDR detections
https://github.com/wavestone-cdt/EDRSandblast

Flutter Roadmap 2022
https://github.com/Flutterando/roadmap

Collection of Flutter and Dart Tips and Tricks
https://github.com/vandadnp/flutter-tips-and-tricks

Flutter Reverse Engineering Framework
Android: arm64, arm32 & iOS: arm64;
https://github.com/ptswarm/reFlutter

CVE-2021-26084 Confluence Server Webwork OGNL injection
https://github.com/thomsdev/CVE-2021-26084

PoC script to exploit Pulse Secure CVE-2021-22893
https://github.com/thomsdev/CVE-2021-22893