Python AV Evasion Tools
https://github.com/G1ft3dC0d3/MsfMania
C++ WinRM API via Reflective DLL
https://github.com/mez-0/winrmdll
The ultimate WinRM shell for hacking/pentesting
https://github.com/mubix/evil-winrm
https://github.com/G1ft3dC0d3/MsfMania
C++ WinRM API via Reflective DLL
https://github.com/mez-0/winrmdll
The ultimate WinRM shell for hacking/pentesting
https://github.com/mubix/evil-winrm
Infosec resource center for offensive and defensive security operations
https://github.com/InfosecHouse/InfosecHouse
A Huge Learning Resources with Labs For Offensive Security Players
https://github.com/Zeyad-Azima/Offensive-Resources
A list of useful resources for pentesting, Bug Bounty, CTF and similars
https://github.com/D3Ext/PentestDictionary
https://github.com/InfosecHouse/InfosecHouse
A Huge Learning Resources with Labs For Offensive Security Players
https://github.com/Zeyad-Azima/Offensive-Resources
A list of useful resources for pentesting, Bug Bounty, CTF and similars
https://github.com/D3Ext/PentestDictionary
Penetration Testing Cheat Sheet
https://github.com/ivan-sincek/penetration-testing-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password
https://github.com/ihebski/DefaultCreds-cheat-sheet
https://github.com/ivan-sincek/penetration-testing-cheat-sheet
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password
https://github.com/ihebski/DefaultCreds-cheat-sheet
A #browser_extension for OSINT search
https://github.com/ninoseki/mitaka
The all-in-one Red Team #extension for Web Pentest
https://github.com/LasCC/Hack-Tools
https://github.com/ninoseki/mitaka
The all-in-one Red Team #extension for Web Pentest
https://github.com/LasCC/Hack-Tools
Shuckworm Continues Cyber-Espionage Attacks Against Ukraine
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-gamaredon-espionage-ukraine
Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables
https://blog.talosintelligence.com/2022/01/iranian-apt-muddywater-targets-turkey.html?m=1
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/shuckworm-gamaredon-espionage-ukraine
Iranian APT MuddyWater targets Turkish users via malicious PDFs, executables
https://blog.talosintelligence.com/2022/01/iranian-apt-muddywater-targets-turkey.html?m=1
The latest bug bounty programs for February 2022
https://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-february-2022
Announcing the public launch of Cloudflare's Bug Bounty program
https://blog.cloudflare.com/cloudflare-bug-bounty-program
Intel Launches Project Circuit Breaker A new expansion of its Bug Bounty program, Intel’s Project Circuit Breaker brings together a community of elite hackers to reshape vulnerability management
https://www.intel.com/content/www/us/en/newsroom/news/intel-launches-project-circuit-breaker
https://portswigger.net/daily-swig/bug-bounty-radar-the-latest-bug-bounty-programs-for-february-2022
Announcing the public launch of Cloudflare's Bug Bounty program
https://blog.cloudflare.com/cloudflare-bug-bounty-program
Intel Launches Project Circuit Breaker A new expansion of its Bug Bounty program, Intel’s Project Circuit Breaker brings together a community of elite hackers to reshape vulnerability management
https://www.intel.com/content/www/us/en/newsroom/news/intel-launches-project-circuit-breaker
TartarusGate, Bypassing EDRs
https://github.com/trickster0/TartarusGate
Process Ghosting (x64 only) in C#
https://github.com/Wra7h/SharpGhosting
Malleable C2 profiles parser and assembler
https://github.com/D00Movenok/goMalleable
https://github.com/trickster0/TartarusGate
Process Ghosting (x64 only) in C#
https://github.com/Wra7h/SharpGhosting
Malleable C2 profiles parser and assembler
https://github.com/D00Movenok/goMalleable
Just Simple Code To Play With Android Payloads
https://github.com/Djawad-Hammadi/Horus-Eye
Android RAT with WebPanel For Controlling Victims
https://github.com/swagkarna/Rafel-Rat
Android RAT with web panel and undetectable App
https://github.com/Th30neAnd0nly/Ohm
https://github.com/Djawad-Hammadi/Horus-Eye
Android RAT with WebPanel For Controlling Victims
https://github.com/swagkarna/Rafel-Rat
Android RAT with web panel and undetectable App
https://github.com/Th30neAnd0nly/Ohm
Keylogger Generator for Windows written in Python
https://github.com/FZGbzuw412/SATANKLGR
C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
https://github.com/jafarlihi/serpentine
https://github.com/FZGbzuw412/SATANKLGR
C++/Win32/Boost Windows RAT (Remote Administration Tool) with a multiplatform Java/Spring RESTful C2 server and Go, C++/Qt5 frontends
https://github.com/jafarlihi/serpentine
Stowaway Multi-hop Proxy Tool for pentesters
https://github.com/ph4ntonn/Stowaway
Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading
https://github.com/alechilczenko/pwndora
https://github.com/ph4ntonn/Stowaway
Pwndora is a massive and fast IPv4 address range scanner, integrated with multi-threading
https://github.com/alechilczenko/pwndora
FuckAnywhere This is a BurpSuite Python plugin for inserting code anywhere you want to test in HTTP requests
https://github.com/gh0stkey/FuckAnywhere
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite)
https://github.com/whwlsfb/BurpCrypto
https://github.com/gh0stkey/FuckAnywhere
BurpCrypto is a collection of burpsuite encryption plug-ins, support AES/RSA/DES/ExecJs(execute JS encryption code in burpsuite)
https://github.com/whwlsfb/BurpCrypto
More than 1,000 malware packages found in NPM repository
https://github.blog/2022-02-01-top-100-npm-package-maintainers-require-2fa-additional-security
Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent
https://www.mandiant.com/resources/seo-poisoning-batloader-atera
https://github.blog/2022-02-01-top-100-npm-package-maintainers-require-2fa-additional-security
Zoom For You — SEO Poisoning to Distribute BATLOADER and Atera Agent
https://www.mandiant.com/resources/seo-poisoning-batloader-atera
Arid Viper APT targets Palestine with new wave of politically themed phishing attacks, malware
https://blog.talosintelligence.com/2022/02/arid-viper-targets-palestine.html?m=1
CoinStomp Malware Family Targets Asian Cloud Service Providers
https://www.cadosecurity.com/coinstomp-malware-family-targets-asian-cloud-service-providers
https://blog.talosintelligence.com/2022/02/arid-viper-targets-palestine.html?m=1
CoinStomp Malware Family Targets Asian Cloud Service Providers
https://www.cadosecurity.com/coinstomp-malware-family-targets-asian-cloud-service-providers
Crime and NFTs: Chainalysis Detects Significant Wash Trading and Some Money Laundering In this Emerging Asset Class
https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-nft-wash-trading-money-laundering
https://blog.chainalysis.com/reports/2022-crypto-crime-report-preview-nft-wash-trading-money-laundering
CVE-2021-44142: Details on A Samba Code Execution Bug Demonstrated AT Pwn2Own Austin
https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
What is CVE-2021-44142 and How to Fix It
https://www.trendmicro.com/en_us/research/22/b/the-samba-vulnerability-what-is-cve-2021-44142-and-how-to-fix-it
https://www.zerodayinitiative.com/blog/2022/2/1/cve-2021-44142-details-on-a-samba-code-execution-bug-demonstrated-at-pwn2own-austin
What is CVE-2021-44142 and How to Fix It
https://www.trendmicro.com/en_us/research/22/b/the-samba-vulnerability-what-is-cve-2021-44142-and-how-to-fix-it
50 lines of Bash to bring a Wordle fan out of their shell
https://gist.github.com/huytd/6a1a6a7b34a0d0abcac00b47e3d01513
https://gist.github.com/huytd/6a1a6a7b34a0d0abcac00b47e3d01513
EvilSelenium is a tool that weaponizes Selenium to #attack_Chrome https://github.com/mrd0x/EvilSelenium
Identify privilege escalation paths within and across different clouds
https://github.com/carlospolop/PurplePanda
You Can Now Automatically Launch
Profiles as Administrator
Windows Terminal 1.13 Release ♻️
https://devblogs.microsoft.com/commandline/windows-terminal-preview-1-13-release
download
https://github.com/microsoft/terminal/releases
Profiles as Administrator
Windows Terminal 1.13 Release ♻️
https://devblogs.microsoft.com/commandline/windows-terminal-preview-1-13-release
download
https://github.com/microsoft/terminal/releases
OSINT tools catalog
https://github.com/HowToFind-bot/osint-tools
A collection of hacks and one-off scripts
https://github.com/tomnomnom/hacks
Tools, scripts and tips useful during Penetration Testing engagements
https://github.com/maldevel/PenTestKit
All in One Cracker Tools for Hacking
https://github.com/cracker911181/Cracker-Tool
A web hacking toolkit Docker image with GUI applications support
https://github.com/signedsecurity/web-hacking-toolkit
https://github.com/HowToFind-bot/osint-tools
A collection of hacks and one-off scripts
https://github.com/tomnomnom/hacks
Tools, scripts and tips useful during Penetration Testing engagements
https://github.com/maldevel/PenTestKit
All in One Cracker Tools for Hacking
https://github.com/cracker911181/Cracker-Tool
A web hacking toolkit Docker image with GUI applications support
https://github.com/signedsecurity/web-hacking-toolkit