Scripts that we use for pentesting
☆42Feb 24, 2017Updated 9 years ago
Alternatives and similar repositories for pentesting-scripts
Users that are interested in pentesting-scripts are comparing it to the libraries listed below
Sorting:
- Password management and cracking training☆13Jul 15, 2025Updated 7 months ago
- This code was used for the blogpost on secjuice.☆42Apr 17, 2019Updated 6 years ago
- Ansible Cobalt Strike (Docker)☆15Jan 8, 2022Updated 4 years ago
- ☆21Dec 1, 2019Updated 6 years ago
- Terraform configuration to build a Burp Private Collaborator Server☆25Nov 7, 2017Updated 8 years ago
- SharePoint Security Auditor☆21Jan 16, 2016Updated 10 years ago
- PoC: process watcher patterns to make killing a process hard.☆11Aug 1, 2018Updated 7 years ago
- Proof of Concept in Go from Secureworks' research on Azure Active Directory Brute-Force Attacks. Inspired by @treebuilder's POC on PowerS…☆14Feb 23, 2022Updated 4 years ago
- gRPC / gRPC-Web Pentest Practicing Lab☆10Aug 29, 2023Updated 2 years ago
- collection of beacon object file (Cobalt strike)☆12Jan 21, 2023Updated 3 years ago
- Python crawler for remote Windows shares☆12Nov 29, 2015Updated 10 years ago
- ☆10Jun 26, 2024Updated last year
- Google Hack Database Web Site Scrapper w/ DB updater utility. ASP.NET MVC web utility and Windows application for generating google hack …☆11Jun 23, 2016Updated 9 years ago
- ☆11Oct 3, 2021Updated 4 years ago
- ☆16Apr 14, 2020Updated 5 years ago
- A simple script that edits the XML of a macro-enabled Word document (.docm or Word 97 document) to add a reference to a remote stylesheet…☆11Oct 5, 2022Updated 3 years ago
- Ludus role for deploying a Cobalt Strike Teamserver onto Linux servers☆18Mar 19, 2025Updated 11 months ago
- A docker example for privilege escalation☆25Jul 17, 2017Updated 8 years ago
- Syscall BOF to arbitrarily add/detract process token privilege rights.☆61Jul 10, 2024Updated last year
- Log converter from CS log to Ghostwriter CSV☆31Nov 23, 2020Updated 5 years ago
- ☆28Dec 28, 2017Updated 8 years ago
- BOR - Break On Request, is a burp extension that provides a custom context menu for marking requests to be stopped by the interceptor wit…☆13Nov 18, 2022Updated 3 years ago
- Tool for reconnaissance of AWS cloud environments☆16Oct 9, 2023Updated 2 years ago
- Heappo 🦛 is a PyKD based extensions for WinDBG which aids Heap Exploitation☆14Mar 25, 2020Updated 5 years ago
- pypykats in your browser☆56Sep 28, 2019Updated 6 years ago
- Office 365 MFA capture toolkit☆14Aug 3, 2017Updated 8 years ago
- A small collection of scripts that are useful for implementing Domain Fronting in an assessment.☆14Apr 25, 2019Updated 6 years ago
- An example in C# for programmatically calling UAC to escalate to admin☆14Aug 13, 2018Updated 7 years ago
- Ansible Role for Ludus to provision or remove a device to/from a Tailnet.☆13Dec 5, 2025Updated 2 months ago
- Extract the Procedures (TTP) from CTI reports☆17Dec 13, 2025Updated 2 months ago
- Switch to JuicyPotato! https://github.com/decoder-it/juicy-potato☆12Feb 8, 2020Updated 6 years ago
- All challenges I created for CTF☆12Jun 7, 2021Updated 4 years ago
- DNS Misconfiguration : S0x4 - Same Site Scripting Scanner☆15Jan 20, 2021Updated 5 years ago
- Docker Automated Build for Security Testing Tools☆14Apr 8, 2022Updated 3 years ago
- RTSPServer Code Execution Vulnerability CVE-2018-4013☆15Nov 26, 2018Updated 7 years ago
- Collection of web app methodology from initial recon into exploit known vulnerability. Used when conducting Bug Bounty, Penetration Testi…☆13Oct 23, 2021Updated 4 years ago
- PACK (Password Analysis and Cracking Kit) (Python 3 fork + bug fixes)☆13Apr 12, 2023Updated 2 years ago
- Material from our CANAPE workshop☆32Nov 26, 2018Updated 7 years ago
- Fingerprint a web app using local files as the fingerprint sources☆38May 16, 2017Updated 8 years ago