Stars
HexStrike AI MCP Agents is an advanced MCP server that lets AI agents (Claude, GPT, Copilot, etc.) autonomously run 150+ cybersecurity tools for automated pentesting, vulnerability discovery, bug b…
BC-SECURITY / Empire
Forked from EmpireProject/EmpireEmpire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
Tool to audit and attack LAPS environments
This repo contains scripts to query dehashed.com and crack the returned hashes which will then save all cleartext passwords and hashes to files.
OSINT Tool: Generate username lists for companies on LinkedIn
Wordlists for creating statistically likely username lists for use in password attacks and security testing
DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…
enum4Linux is a Linux alternative to enum.exe for enumerating data from Windows and Samba hosts
A Powershell client for dnscat2, an encrypted DNS command and control tool.
socks4 reverse proxy for penetration testing
Transparent proxy server that works as a poor man's VPN. Forwards over ssh. Doesn't require admin. Works with Linux and MacOS. Supports DNS tunneling.
⚓️ Easily test HTTP webhooks with this handy tool that displays requests instantly.
All of Your Copy/Paste Belong to Us: Stealing the clipboard and using it for C2 communications
A PowerShell script to download all files, messages and user profiles that a user has access to in slack.
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
PowerTools is a collection of PowerShell projects with a focus on offensive operations.
MailSniper is a penetration testing tool for searching through email in a Microsoft Exchange environment for specific terms (passwords, insider intel, network architecture information, etc.). It ca…
Reflective DLL injection is a library injection technique in which the concept of reflective programming is employed to perform the loading of a library from memory into a host process.
Windows - Weaponizing privileged file writes with the Update Session Orchestrator service
Use CVE-2020-0668 to perform an arbitrary privileged file move operation.
Pure PowerShell implementation of CVE-2021-1675 Print Spooler Local Privilege Escalation (PrintNightmare)
C# and Impacket implementation of PrintNightmare CVE-2021-1675/CVE-2021-34527
Exploit allowing you to read registry hives as non-admin on Windows 10 and 11