Skip to content
View an4kein's full-sized avatar
🏠
Working from home
🏠
Working from home
94 followers · 75 following

Achievements

Achievement: Pull SharkAchievement: StarstruckAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pull SharkAchievement: StarstruckAchievement: Arctic Code Vault Contributor

Block or report an4kein

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don't include any personal information such as legal names or email addresses. Markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Stars

Showing results

R3alM0m1X82 / SpecterPortal

Advanced post-exploitation framework designed for Red Team operations in Entra ID, Azure and Microsoft 365 environments.

Vue 33 9 Updated Dec 30, 2025

R3alM0m1X82 / SpecterBroker

Advanced Windows authentication token extraction and decryption tool for red team operations and security research

C# 74 17 Updated Dec 30, 2025

botesjuan / Burp-Suite-Certified-Practitioner-Exam-Study

Burp Suite Certified Practitioner Exam Study

Python 1,269 354 Updated Nov 20, 2025

gremwell / o365enum

Enumerate valid usernames from Office 365 using ActiveSync, Autodiscover v1, or office.com login page.

Python 291 43 Updated May 2, 2024

rootsecdev / Azure-Red-Team

Azure Security Resources and Notes

PowerShell 1,694 223 Updated Nov 7, 2025

mvelazc0 / BadZure

BadZure automates the deployment of intentionally misconfigured Entra ID tenants and Azure subscriptions, populating them with diverse entities and configurable, traversable attack paths.

Python 480 31 Updated Dec 10, 2025

dafthack / GraphRunner

A Post-exploitation Toolset for Interacting with the Microsoft Graph API

PowerShell 1,238 151 Updated Jul 22, 2025

rvrsh3ll / TokenTactics

Azure JWT Token Manipulation Toolset

PowerShell 707 109 Updated Dec 6, 2024

TakSec / google-dorks-bug-bounty

A list of Google Dorks for Bug Bounty, Web Application Security, and Pentesting

1,714 243 Updated Sep 29, 2025

mitmproxy / mitmproxy

An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

Python 41,852 4,419 Updated Jan 9, 2026

nikitastupin / pwnhub

How GitHub Actions workflows can be hacked

Shell 175 17 Updated Aug 23, 2024

cider-security-research / top-10-cicd-security-risks

420 64 Updated Jan 18, 2023

xpn / WAMBam

Tooling related to the WAM Bam - Recovering Web Tokens From Office blog post

C# 129 22 Updated Jan 14, 2023

Rob--W / cors-anywhere

CORS Anywhere is a NodeJS reverse proxy which adds CORS headers to the proxied request.

JavaScript 9,326 6,556 Updated Aug 16, 2024

RedByte1337 / GraphSpy

Initial Access and Post-Exploitation Tool for AAD and O365 with a browser-based GUI

HTML 1,000 118 Updated Dec 31, 2025

OWASP / www-project-ai-testing-guide

OWASP Foundation web repository

Python 623 118 Updated Dec 23, 2025

secureworks / family-of-client-ids-research

Research into Undocumented Behavior of Azure AD Refresh Tokens

Python 331 40 Updated Feb 23, 2024

tbhaxor / CARTX

Collection of powershell scripts I used to complete my CARTP and CARTE courses.

PowerShell 47 6 Updated Aug 20, 2025

x1xhlol / system-prompts-and-models-of-ai-tools

FULL Augment Code, Claude Code, Cluely, CodeBuddy, Comet, Cursor, Devin AI, Junie, Kiro, Leap.new, Lovable, Manus, NotionAI, Orchids.app, Perplexity, Poke, Qoder, Replit, Same.dev, Trae, Traycer AI…

107,013 28,166 Updated Jan 8, 2026

asgeirtj / system_prompts_leaks

Collection of extracted System Prompts from popular chatbots like ChatGPT, Claude & Gemini

Roff 24,945 3,831 Updated Jan 7, 2026

jhaddix / system_prompts_leaks

Forked from asgeirtj/system_prompts_leaks

Collection of extracted System Prompts from popular chatbots like ChatGPT, Claude & Gemini

JavaScript 25 5 Updated Jun 1, 2025

nccgroup / ScoutSuite

Multi-Cloud Security Auditing Tool

Python 7,495 1,174 Updated Sep 23, 2025

dafthack / MFASweep

A tool for checking if MFA is enabled on multiple Microsoft Services

PowerShell 1,613 223 Updated Mar 4, 2025

dafthack / CloudPentestCheatsheets

This repository contains a collection of cheatsheets I have put together for tools related to pentesting organizations that leverage cloud providers.

2,783 554 Updated Sep 17, 2024

dafthack / DomainPasswordSpray

DomainPasswordSpray is a tool written in PowerShell to perform a password spray attack against users of a domain. By default it will automatically generate the userlist from the domain. BE VERY CAR…

PowerShell 1,995 408 Updated Jul 11, 2024

dafthack / MSOLSpray

A password spraying tool for Microsoft Online accounts (Azure/O365). The script logs if a user cred is valid, if MFA is enabled on the account, if a tenant doesn't exist, if a user doesn't exist, i…

PowerShell 1,066 182 Updated Mar 19, 2024

hausec / PowerZure

PowerShell framework to assess Azure security

PowerShell 1,250 179 Updated Oct 18, 2025

Offensive-Panda / ShadowDumper

Shadow Dumper is a powerful tool used to dump LSASS memory, often needed in penetration testing and red teaming. It uses multiple advanced techniques to dump memory, allowing to access sensitive da…

C++ 566 90 Updated May 22, 2025

NetSPI / MicroBurst

A collection of scripts for assessing Microsoft Azure security

PowerShell 2,293 335 Updated Oct 29, 2025

0xsyr0 / Red-Team-Playbooks

This repository contains cutting-edge open-source security notes and tools that will help you during your Red Team assessments.

PowerShell 373 95 Updated Dec 19, 2025
Next