Tool to discover external and internal network attack surface
☆203May 21, 2024Updated last year
Alternatives and similar repositories for attack-surface-framework
Users that are interested in attack-surface-framework are comparing it to the libraries listed below
Sorting:
- VPN Overall Reconnaissance, Testing, Enumeration and eXploitation Toolkit☆447Nov 2, 2023Updated 2 years ago
- PoC for CVE-2021-3129 (Laravel)☆12Oct 9, 2021Updated 4 years ago
- Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)☆16Sep 4, 2020Updated 5 years ago
- Curated list of open-source & paid Attack Surface Monitoring (ASM) tools.☆457Oct 9, 2024Updated last year
- Lookup for interesting stuff in SMB shares☆150Jun 16, 2023Updated 2 years ago
- Standardizing Security Titles☆13Dec 31, 2025Updated 2 months ago
- A quick way to perform a bulk whois query. Utilizes Team Cymru's service. Requires netcat.☆11Feb 11, 2012Updated 14 years ago
- A proof-of-concept script to conduct a phishing attack abusing Microsoft 365 OAuth Authorization Flow☆104Aug 17, 2021Updated 4 years ago
- See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)☆108Feb 12, 2023Updated 3 years ago
- Low and slow password spraying tool, designed to spray on an interval over a long period of time☆218Jan 30, 2026Updated last month
- Automatic DLL comment link generation and explaination of the DLL Proxying techniques☆10Aug 19, 2021Updated 4 years ago
- Search-Scan-Save-Notify☆11May 12, 2025Updated 9 months ago
- ☆12Apr 5, 2025Updated 10 months ago
- Sp00fer blog post -☆24Jul 19, 2022Updated 3 years ago
- Office 365 and Exchange Enumeration☆199May 7, 2019Updated 6 years ago
- FACT is a tool to collect, process and visualise forensic data from clusters of machines running in the cloud or on-premise.☆17Aug 30, 2024Updated last year
- BOF implementation of Adopt. Spawns a process from a process. Can sometimes be used to run a session > 0 process from session 0.☆17Jul 22, 2022Updated 3 years ago
- Proof-of-concept for phishing intelligence in Elastic☆15Apr 30, 2019Updated 6 years ago
- ☆13May 27, 2020Updated 5 years ago
- Collection of tools that reflect the network dimension into Bloodhound's data☆446Oct 19, 2022Updated 3 years ago
- A tool to be used in post exploitation phase for blue and red teams to bypass APPLICATIONCONTROL policies☆325Apr 8, 2023Updated 2 years ago
- Enumerate AD through LDAP with a collection of helpfull scripts being bundled☆144Feb 19, 2026Updated last week
- Process Monitor filter for finding privilege escalation vulnerabilities on Windows☆79Jun 9, 2021Updated 4 years ago
- An easy way to convert BloodHound output files into data that can be imported into reporting software like Dradis and Plextrac. Built by …☆18Oct 15, 2020Updated 5 years ago
- OSCP Privilege Escalation MindMap/Guide☆198Apr 4, 2022Updated 3 years ago
- Run Powershell without software restrictions.☆281Sep 8, 2021Updated 4 years ago
- An Office365 User Attack Tool☆646Mar 19, 2024Updated last year
- A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.☆120Jul 6, 2024Updated last year
- C# project to Reflectively load .Net assemblies in memory☆19Jun 19, 2024Updated last year
- Aggressor script that gets the latest commands from CobaltStrikes web site and creates an aggressor script based on tool options.☆22Oct 6, 2021Updated 4 years ago
- ☆10Dec 4, 2020Updated 5 years ago
- Cobalt Strike External C2 Integration With Azure Servicebus, C2 traffic via Azure Servicebus☆247Feb 23, 2022Updated 4 years ago
- Some private tools i decided to release for public.☆49Mar 14, 2024Updated last year
- A collection of Windows print spooler exploits containerized with other utilities for practical exploitation.☆550Jul 16, 2021Updated 4 years ago
- Perform operations on URLs like extracting paths, parameter names and/or values, domain name, host name (without HTTP[s]).☆29Aug 19, 2020Updated 5 years ago
- Identify common attack paths to get Domain Administrator☆21Aug 20, 2019Updated 6 years ago
- Security checks for your researches☆34Nov 22, 2020Updated 5 years ago
- Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detection…☆864Jan 20, 2022Updated 4 years ago
- Maximizing BloodHound. Max is a good boy.☆531Apr 25, 2025Updated 10 months ago