threatexpress / domainhunter
Checks expired domains for categorization/reputation and Archive.org history to determine good candidates for phishing and C2 domain names
☆1,518Updated 3 months ago
Related projects: ⓘ
- OSINT Tool: Generate username lists for companies on LinkedIn☆1,216Updated 8 months ago
- Email recon made fast and easy, with a framework to build on☆942Updated last year
- Scanning pastebin with yara rules☆1,056Updated 3 months ago
- A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWH…☆603Updated last year
- Simple script that checks a domain for email protections☆781Updated 3 years ago
- MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, i…☆2,903Updated last month
- A tool to abuse Exchange services☆2,151Updated 3 months ago
- Discover Your Attack Surface!☆1,350Updated last year
- A default credential scanner.☆1,429Updated 2 years ago
- AWS API Gateway management tool for creating on the fly HTTP pass-through proxies for unique IP rotation☆1,879Updated last year
- Subdomain enumeration and information gathering tool☆1,190Updated last week
- Scripts to make password spraying attacks against Lync/S4B, OWA & O365 a lot quicker, less painful and more efficient☆1,443Updated last year
- ⚡ Perform subdomain enumeration using the certificate transparency logs from Censys.☆726Updated last year
- A tool to link a domain with registered organisation names and emails, to other domains.☆826Updated 4 months ago
- A distributed nmap / masscan scanning framework complete with scan scheduling, engine pooling, subsequent scan port diff-ing, and an API …☆738Updated last year
- A script that can see if an email address is valid in Office365 (user/email enumeration). This does not perform any login attempts, is u…☆588Updated 3 years ago
- Generates permutations, alterations and mutations of subdomains and then resolves them☆2,299Updated 4 months ago
- Web Inventory tool, takes screenshots of webpages using Pyppeteer (headless Chrome/Chromium) and provides some extra bells & whistles to …☆728Updated 5 months ago
- Perform a MitM attack and extract clear text credentials from RDP connections☆1,386Updated last year
- online port scan scraper☆1,103Updated last year
- A virtual host scanner that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, work around wildcards, al…☆1,188Updated 9 months ago
- TrevorC2 is a legitimate website (browsable) that tunnels client/server communications for covert command execution.☆1,210Updated 2 years ago
- Semi-automated, feedback-driven tool to rapidly search through troves of public data on GitHub for sensitive secrets.☆1,430Updated 6 months ago
- Subdomain Takeover tool written in Go☆1,892Updated last year
- Red Team Tips as posted by @vysecurity on Twitter☆1,046Updated 4 years ago
- EyeWitness is designed to take screenshots of websites, provide some server header info, and identify default credentials if possible.☆4,905Updated last month
- HTA encryption tool for RedTeams☆1,362Updated last year
- Automate creating resilient, disposable, secure and agile infrastructure for Red Teams.☆876Updated 3 years ago
- Steal Net-NTLM Hash using Bad-PDF☆1,061Updated 4 years ago
- A collection of Red Team focused tools, scripts, and notes☆1,105Updated 4 years ago