offensive security scripts and documentation
☆30Mar 9, 2026Updated last week
Alternatives and similar repositories for offsec
Users that are interested in offsec are comparing it to the libraries listed below
Sorting:
- My Favorite Offensive Security Scripts☆85Apr 25, 2025Updated 10 months ago
- My journey and notes on learning Offensive Security from the ground up☆21Dec 22, 2025Updated 2 months ago
- A Pentesters Confluence Keyword Scanner☆17Dec 3, 2024Updated last year
- ☆38Apr 7, 2023Updated 2 years ago
- Only for educational purposes☆12Jun 17, 2023Updated 2 years ago
- ☆29May 16, 2023Updated 2 years ago
- The SAP Threat Modeling Tool is an on-premises open-source web application designed to analyze and visualize connections between SAP syst…☆51Mar 7, 2025Updated last year
- This project is an implant framework designed for long term persistent access to Windows machines.☆108Sep 22, 2023Updated 2 years ago
- A repo containing some tooling build to assist with reverse engineering malware samples☆15Jul 22, 2023Updated 2 years ago
- ☆20Nov 1, 2022Updated 3 years ago
- ☆14Mar 20, 2025Updated last year
- Apache Superset Auth Bypass (CVE-2023-27524)☆11May 9, 2023Updated 2 years ago
- POC for DLL Proxying / Hijacking☆63May 26, 2025Updated 9 months ago
- ☆25Jan 11, 2023Updated 3 years ago
- A small script to resolve domains to Azure AD tenants (and OAuth login portals)☆30Jun 26, 2023Updated 2 years ago
- A Post-exploitation Toolset for Interacting with the Microsoft Graph API☆15Nov 16, 2023Updated 2 years ago
- This is the ringzer0 writeup of web exploitation catagery. The name is "Word mean something"☆14Dec 8, 2023Updated 2 years ago
- Postfix SMTP Smuggling - Expect Script POC☆23Dec 26, 2023Updated 2 years ago
- A pure python, post-exploitation, data mining tool and remote administration tool for macOS. �🍎💻☆11Feb 22, 2017Updated 9 years ago
- ☆11Aug 31, 2023Updated 2 years ago
- ☆24Feb 7, 2025Updated last year
- Offensive Security Vault structure for Obsidian☆24Jan 9, 2023Updated 3 years ago
- linikatz is a tool to attack AD on UNIX☆156Oct 19, 2023Updated 2 years ago
- Azure Offensive Library☆17Oct 18, 2025Updated 5 months ago
- A graphical automation to monitor if backdoors/default settings are still active on the compromised machines over time.☆45Mar 8, 2024Updated 2 years ago
- Burp extension used to snip any header from all the requests.☆23Nov 12, 2023Updated 2 years ago
- Use WordPress pingback.ping to transfer files.☆16Feb 25, 2024Updated 2 years ago
- Windows privileges add to the complexity of Windows user permissions. Each additional user added to a group could lead to a domain compro…☆10Mar 2, 2018Updated 8 years ago
- My Offensive Security OSWA certification experience and my personal opinion what helps in preparation for the exam☆44Jul 13, 2023Updated 2 years ago
- ShadowForge Command & Control - Harnessing the power of Zoom's API, control a compromised Windows Machine from your Zoom Chats.☆52Jul 15, 2023Updated 2 years ago
- Associated-Threat-Analyzer detects malicious IPv4 addresses and domain names associated with your web application using local malicious d…☆41Aug 31, 2023Updated 2 years ago
- dauthi is a tool that takes advantage of API functionality across a variety of MDM solutions to perform user enumeration and single-facto…☆43Apr 23, 2024Updated last year
- A folder to serve tools from during PT/Red Team engagements. Contains common executables and scripts for privesc, recon, pivoting and CVE…☆15Mar 15, 2024Updated 2 years ago
- There were no proper POCs for CVE-2023-30533 so I made one. (Reported by Vsevolod Kokorin)☆12Aug 9, 2023Updated 2 years ago
- ☆35Updated this week
- With Wireshark or TCPdump, you can determine whether there is harmful activity on your network traffic that you have recorded on the netw…☆146May 31, 2024Updated last year
- ☆36Oct 26, 2023Updated 2 years ago
- Beacon Object Files used for Cobalt Strike☆19Jul 18, 2023Updated 2 years ago
- Wordpress Plugin Canto < 3.0.5 - Remote File Inclusion (RFI) and Remote Code Execution (RCE)☆17Nov 24, 2023Updated 2 years ago