Exploits written by the Rhino Security Labs team
☆1,095Jan 23, 2021Updated 5 years ago
Alternatives and similar repositories for Security-Research
Users that are interested in Security-Research are comparing it to the libraries listed below
Sorting:
- A collection of AWS penetration testing junk☆1,220Aug 30, 2023Updated 2 years ago
- The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.☆5,073Feb 24, 2026Updated last week
- A centralized source of all AWS IAM privilege escalation methods released by Rhino Security Labs.☆924Jul 25, 2019Updated 6 years ago
- Tools for fingerprinting and exploiting Amazon cloud infrastructures☆497Nov 10, 2022Updated 3 years ago
- Wiki to collect Red Team infrastructure hardening resources☆4,450Oct 1, 2025Updated 5 months ago
- CloudGoat is Rhino Security Labs' "Vulnerable by Design" AWS deployment tool☆3,487Feb 12, 2026Updated 3 weeks ago
- RedSnarf is a pen-testing / red-teaming tool for Windows environments☆1,213Sep 14, 2020Updated 5 years ago
- Red Team Tips as posted by @vysecurity on Twitter☆1,068Apr 26, 2020Updated 5 years ago
- Portia aims to automate a number of techniques commonly performed on internal network penetration tests after a low privileged account ha…☆501Aug 7, 2020Updated 5 years ago
- A tool to abuse Exchange services☆2,300Jun 10, 2024Updated last year
- Run PowerShell command without invoking powershell.exe☆1,533Mar 23, 2023Updated 2 years ago
- Scan for misconfigured S3 buckets across S3-compatible APIs!☆2,997Dec 11, 2025Updated 2 months ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆3,213Aug 7, 2025Updated 6 months ago
- Security Tool to Look For Interesting Files in S3 Buckets☆1,456Apr 10, 2024Updated last year
- Uses Empire's (https://github.com/BC-SECURITY/Empire) RESTful API to automate gaining Domain and/or Enterprise Admin rights in Active Dir…☆1,621Jan 23, 2024Updated 2 years ago
- HTA encryption tool for RedTeams☆1,422Nov 9, 2022Updated 3 years ago
- Unicorn is a simple tool for using a PowerShell downgrade attack and inject shellcode straight into memory. Based on Matthew Graeber's po…☆3,900Jan 24, 2024Updated 2 years ago
- Remote Recon and Collection☆459Nov 23, 2017Updated 8 years ago
- PowerShell Runspace Post Exploitation Toolkit☆1,548Aug 2, 2019Updated 6 years ago
- WeirdAAL (AWS Attack Library)☆837Jan 13, 2025Updated last year
- Payload Generation Framework☆1,972Aug 21, 2024Updated last year
- Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.☆469Nov 14, 2019Updated 6 years ago
- Enumerate the permissions associated with AWS credential set☆1,222Feb 5, 2024Updated 2 years ago
- ☆2,316Dec 8, 2023Updated 2 years ago
- An #OSINT Framework to perform various recon techniques on Companies, People, Phone Number, Bitcoin Addresses, etc., aggregate all the r…☆3,227Nov 20, 2025Updated 3 months ago
- Collection of scripts and templates to generate Office documents embedded with the DDE, macro-less command execution technique.☆638Jul 16, 2023Updated 2 years ago
- Enumerate usernames on a domain where you have no creds by using SMB Relay with low priv.☆399May 20, 2020Updated 5 years ago
- A Tool for Domain Flyovers☆5,906May 22, 2022Updated 3 years ago
- Empire is a PowerShell and Python post-exploitation agent.☆7,818Jan 19, 2020Updated 6 years ago
- Enumeration and reconnaissance activities in the Microsoft Azure Cloud.☆254Feb 20, 2019Updated 7 years ago
- Cloud Security Suite - One stop tool for auditing the security posture of AWS/GCP/Azure infrastructure.☆1,167Dec 8, 2022Updated 3 years ago
- Perform a MitM attack and extract clear text credentials from RDP connections☆1,449Nov 20, 2025Updated 3 months ago
- SSRF (Server Side Request Forgery) testing resources☆2,482Oct 12, 2024Updated last year
- An SSL Enabled Basic Auth Credential Harvester with a Word Document Template URL Injector☆1,019Sep 11, 2017Updated 8 years ago
- Cloud-related research releases from the Rhino Security Labs team.☆392Apr 23, 2020Updated 5 years ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆5,650Jan 5, 2026Updated 2 months ago
- A swiss army knife for pentesting networks☆9,082Dec 6, 2023Updated 2 years ago
- SessionGopher is a PowerShell tool that uses WMI to extract saved session information for remote access tools such as WinSCP, PuTTY, Supe…☆1,309Nov 22, 2022Updated 3 years ago
- A tool for quickly evaluating IAM permissions in AWS.☆1,541Aug 2, 2024Updated last year